Action not permitted
Modal body text goes here.
CVE-2014-3569
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T10:50:17.405Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "71934", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/71934" }, { "name": "HPSBOV03318", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142895206924048\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "name": "openSUSE-SU-2015:0130", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html" }, { "name": "20150310 Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3569.html" }, { "name": "HPSBMU03409", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT204659" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security-tracker.debian.org/tracker/CVE-2014-3569" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" }, { "name": "HPSBMU03380", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" }, { "name": "1033378", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1033378" }, { "name": "HPSBHF03289", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2" }, { "name": "openSUSE-SU-2016:0640", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.openssl.org/news/secadv_20150108.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" }, { "name": "MDVSA-2015:019", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:019" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10679" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=b82924741b4bd590da890619be671f4635e46c2b" }, { "name": "HPSBUX03244", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142496289803847\u0026w=2" }, { "name": "APPLE-SA-2015-04-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10108" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=6ce9687b5aba5391fc0de50e18779eb676d0e04d" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10102" }, { "name": "SUSE-SU-2015:0946", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html" }, { "name": "HPSBMU03397", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=144050297101809\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "name": "HPSBMU03396", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=144050205101530\u0026w=2" }, { "name": "HPSBUX03162", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142496179803395\u0026w=2" }, { "name": "MDVSA-2015:062", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.citrix.com/article/CTX216642" }, { "name": "HPSBMU03413", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=144050254401665\u0026w=2" }, { "name": "SSRT101885", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=142496289803847\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://rt.openssl.org/Ticket/Display.html?id=3571\u0026user=guest\u0026pass=guest" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bto.bluecoat.com/security-advisory/sa88" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=392fa7a952e97d82eac6958c81ed1e256e6b8ca5" }, { "name": "DSA-3125", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3125" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-20T00:00:00", "descriptions": [ { "lang": "en", "value": "The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-14T10:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "71934", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/71934" }, { "name": "HPSBOV03318", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142895206924048\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "name": "openSUSE-SU-2015:0130", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html" }, { "name": "20150310 Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3569.html" }, { "name": "HPSBMU03409", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT204659" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security-tracker.debian.org/tracker/CVE-2014-3569" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" }, { "name": "HPSBMU03380", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" }, { "name": "1033378", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1033378" }, { "name": "HPSBHF03289", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2" }, { "name": "openSUSE-SU-2016:0640", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.openssl.org/news/secadv_20150108.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" }, { "name": "MDVSA-2015:019", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:019" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10679" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=b82924741b4bd590da890619be671f4635e46c2b" }, { "name": "HPSBUX03244", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142496289803847\u0026w=2" }, { "name": "APPLE-SA-2015-04-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10108" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=6ce9687b5aba5391fc0de50e18779eb676d0e04d" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10102" }, { "name": "SUSE-SU-2015:0946", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html" }, { "name": "HPSBMU03397", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=144050297101809\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "name": "HPSBMU03396", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=144050205101530\u0026w=2" }, { "name": "HPSBUX03162", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142496179803395\u0026w=2" }, { "name": "MDVSA-2015:062", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.citrix.com/article/CTX216642" }, { "name": "HPSBMU03413", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=144050254401665\u0026w=2" }, { "name": "SSRT101885", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=142496289803847\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://rt.openssl.org/Ticket/Display.html?id=3571\u0026user=guest\u0026pass=guest" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bto.bluecoat.com/security-advisory/sa88" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=392fa7a952e97d82eac6958c81ed1e256e6b8ca5" }, { "name": "DSA-3125", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3125" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2014-3569", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "71934", "refsource": "BID", "url": "http://www.securityfocus.com/bid/71934" }, { "name": "HPSBOV03318", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142895206924048\u0026w=2" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "name": "openSUSE-SU-2015:0130", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html" }, { "name": "20150310 Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl" }, { "name": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3569.html", "refsource": "CONFIRM", "url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3569.html" }, { "name": "HPSBMU03409", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2" }, { "name": "https://support.apple.com/HT204659", "refsource": "CONFIRM", "url": "https://support.apple.com/HT204659" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" }, { "name": "https://security-tracker.debian.org/tracker/CVE-2014-3569", "refsource": "CONFIRM", "url": "https://security-tracker.debian.org/tracker/CVE-2014-3569" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" }, { "name": "HPSBMU03380", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" }, { "name": "1033378", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033378" }, { "name": "HPSBHF03289", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2" }, { "name": "openSUSE-SU-2016:0640", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" }, { "name": "https://www.openssl.org/news/secadv_20150108.txt", "refsource": "CONFIRM", "url": "https://www.openssl.org/news/secadv_20150108.txt" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" }, { "name": "MDVSA-2015:019", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:019" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10679", "refsource": "CONFIRM", "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10679" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b82924741b4bd590da890619be671f4635e46c2b", "refsource": "CONFIRM", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b82924741b4bd590da890619be671f4635e46c2b" }, { "name": "HPSBUX03244", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142496289803847\u0026w=2" }, { "name": "APPLE-SA-2015-04-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10108", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10108" }, { "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6ce9687b5aba5391fc0de50e18779eb676d0e04d", "refsource": "CONFIRM", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6ce9687b5aba5391fc0de50e18779eb676d0e04d" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10102", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10102" }, { "name": "SUSE-SU-2015:0946", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html" }, { "name": "HPSBMU03397", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=144050297101809\u0026w=2" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "name": "HPSBMU03396", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=144050205101530\u0026w=2" }, { "name": "HPSBUX03162", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142496179803395\u0026w=2" }, { "name": "MDVSA-2015:062", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062" }, { "name": "https://support.citrix.com/article/CTX216642", "refsource": "CONFIRM", "url": "https://support.citrix.com/article/CTX216642" }, { "name": "HPSBMU03413", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=144050254401665\u0026w=2" }, { "name": "SSRT101885", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142496289803847\u0026w=2" }, { "name": "http://rt.openssl.org/Ticket/Display.html?id=3571\u0026user=guest\u0026pass=guest", "refsource": "CONFIRM", "url": "http://rt.openssl.org/Ticket/Display.html?id=3571\u0026user=guest\u0026pass=guest" }, { "name": "https://bto.bluecoat.com/security-advisory/sa88", "refsource": "CONFIRM", "url": "https://bto.bluecoat.com/security-advisory/sa88" }, { "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=392fa7a952e97d82eac6958c81ed1e256e6b8ca5", "refsource": "CONFIRM", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=392fa7a952e97d82eac6958c81ed1e256e6b8ca5" }, { "name": "DSA-3125", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3125" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-3569", "datePublished": "2014-12-24T11:00:00", "dateReserved": "2014-05-14T00:00:00", "dateUpdated": "2024-08-06T10:50:17.405Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2014-3569\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2014-12-24T11:59:00.057\",\"lastModified\":\"2023-11-07T02:20:13.593\",\"vulnStatus\":\"Modified\",\"evaluatorComment\":\"\u003ca href=\\\"http://cwe.mitre.org/data/definitions/476.html\\\"\u003eCWE-476: NULL Pointer Dereference\u003c/a\u003e\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n ssl23_get_client_hello en s23_srvr.c en OpenSSL 0.9.8zc, 1.0.0o y 1.0.1j no maneja adecuadamente los intentos de utilizar protocolos no soportados, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (referencia a puntero NULL y ca\u00edda de demonio) a trav\u00e9s de un apret\u00f3n de manos no esperado, seg\u00fan lo demostrado por un apret\u00f3n de manos SSLv3 a una aplicaci\u00f3n no-ssl3 con ciertos manejos de errores. NOTA: este problema se volvi\u00f3 relevante despu\u00e9s de la correcci\u00f3n de CVE-2014-3568.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3703E445-17C0-4C85-A496-A35641C0C8DB\"}]}]}],\"references\":[{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10679\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142496179803395\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142496289803847\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142895206924048\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=144050205101530\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=144050254401665\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=144050297101809\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3569.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rt.openssl.org/Ticket/Display.html?id=3571\u0026user=guest\u0026pass=guest\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2015/dsa-3125\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2015:019\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2015:062\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/71934\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securitytracker.com/id/1033378\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bto.bluecoat.com/security-advisory/sa88\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=392fa7a952e97d82eac6958c81ed1e256e6b8ca5\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=6ce9687b5aba5391fc0de50e18779eb676d0e04d\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=b82924741b4bd590da890619be671f4635e46c2b\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10102\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10108\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2014-3569\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://support.apple.com/HT204659\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://support.citrix.com/article/CTX216642\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.openssl.org/news/secadv_20150108.txt\",\"source\":\"secalert@redhat.com\"}]}}" } }
ghsa-66cr-qxrv-fpg2
Vulnerability from github
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix.
{ "affected": [], "aliases": [ "CVE-2014-3569" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2014-12-24T11:59:00Z", "severity": "MODERATE" }, "details": "The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix.", "id": "GHSA-66cr-qxrv-fpg2", "modified": "2022-05-17T00:24:12Z", "published": "2022-05-17T00:24:12Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3569" }, { "type": "WEB", "url": "https://bto.bluecoat.com/security-advisory/sa88" }, { "type": "WEB", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=392fa7a952e97d82eac6958c81ed1e256e6b8ca5" }, { "type": "WEB", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6ce9687b5aba5391fc0de50e18779eb676d0e04d" }, { "type": "WEB", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b82924741b4bd590da890619be671f4635e46c2b" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" }, { "type": "WEB", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10102" }, { "type": "WEB", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10108" }, { "type": "WEB", "url": "https://security-tracker.debian.org/tracker/CVE-2014-3569" }, { "type": "WEB", "url": "https://support.apple.com/HT204659" }, { "type": "WEB", "url": "https://support.citrix.com/article/CTX216642" }, { "type": "WEB", "url": "https://www.openssl.org/news/secadv_20150108.txt" }, { "type": "WEB", "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10679" }, { "type": "WEB", "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" }, { "type": "WEB", "url": "http://marc.info/?l=bugtraq\u0026m=142496179803395\u0026w=2" }, { "type": "WEB", "url": "http://marc.info/?l=bugtraq\u0026m=142496289803847\u0026w=2" }, { "type": "WEB", "url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2" }, { "type": "WEB", "url": "http://marc.info/?l=bugtraq\u0026m=142895206924048\u0026w=2" }, { "type": "WEB", "url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2" }, { "type": "WEB", "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2" }, { "type": "WEB", "url": "http://marc.info/?l=bugtraq\u0026m=144050205101530\u0026w=2" }, { "type": "WEB", "url": "http://marc.info/?l=bugtraq\u0026m=144050254401665\u0026w=2" }, { "type": "WEB", "url": "http://marc.info/?l=bugtraq\u0026m=144050297101809\u0026w=2" }, { "type": "WEB", "url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3569.html" }, { "type": "WEB", "url": "http://rt.openssl.org/Ticket/Display.html?id=3571\u0026user=guest\u0026pass=guest" }, { "type": "WEB", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl" }, { "type": "WEB", "url": "http://www.debian.org/security/2015/dsa-3125" }, { "type": "WEB", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:019" }, { "type": "WEB", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/71934" }, { "type": "WEB", "url": "http://www.securitytracker.com/id/1033378" } ], "schema_version": "1.4.0", "severity": [] }
gsd-2014-3569
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2014-3569", "description": "The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix.", "id": "GSD-2014-3569", "references": [ "https://www.suse.com/security/cve/CVE-2014-3569.html", "https://www.debian.org/security/2015/dsa-3125", "https://advisories.mageia.org/CVE-2014-3569.html", "https://alas.aws.amazon.com/cve/html/CVE-2014-3569.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2014-3569" ], "details": "The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix.", "id": "GSD-2014-3569", "modified": "2023-12-13T01:22:53.101328Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2014-3569", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "71934", "refsource": "BID", "url": "http://www.securityfocus.com/bid/71934" }, { "name": "HPSBOV03318", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142895206924048\u0026w=2" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "name": "openSUSE-SU-2015:0130", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html" }, { "name": "20150310 Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl" }, { "name": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3569.html", "refsource": "CONFIRM", "url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3569.html" }, { "name": "HPSBMU03409", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2" }, { "name": "https://support.apple.com/HT204659", "refsource": "CONFIRM", "url": "https://support.apple.com/HT204659" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" }, { "name": "https://security-tracker.debian.org/tracker/CVE-2014-3569", "refsource": "CONFIRM", "url": "https://security-tracker.debian.org/tracker/CVE-2014-3569" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" }, { "name": "HPSBMU03380", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" }, { "name": "1033378", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033378" }, { "name": "HPSBHF03289", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2" }, { "name": "openSUSE-SU-2016:0640", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" }, { "name": "https://www.openssl.org/news/secadv_20150108.txt", "refsource": "CONFIRM", "url": "https://www.openssl.org/news/secadv_20150108.txt" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" }, { "name": "MDVSA-2015:019", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:019" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10679", "refsource": "CONFIRM", "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10679" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b82924741b4bd590da890619be671f4635e46c2b", "refsource": "CONFIRM", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b82924741b4bd590da890619be671f4635e46c2b" }, { "name": "HPSBUX03244", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142496289803847\u0026w=2" }, { "name": "APPLE-SA-2015-04-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10108", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10108" }, { "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6ce9687b5aba5391fc0de50e18779eb676d0e04d", "refsource": "CONFIRM", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6ce9687b5aba5391fc0de50e18779eb676d0e04d" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10102", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10102" }, { "name": "SUSE-SU-2015:0946", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html" }, { "name": "HPSBMU03397", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=144050297101809\u0026w=2" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "name": "HPSBMU03396", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=144050205101530\u0026w=2" }, { "name": "HPSBUX03162", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142496179803395\u0026w=2" }, { "name": "MDVSA-2015:062", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062" }, { "name": "https://support.citrix.com/article/CTX216642", "refsource": "CONFIRM", "url": "https://support.citrix.com/article/CTX216642" }, { "name": "HPSBMU03413", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=144050254401665\u0026w=2" }, { "name": "SSRT101885", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=142496289803847\u0026w=2" }, { "name": "http://rt.openssl.org/Ticket/Display.html?id=3571\u0026user=guest\u0026pass=guest", "refsource": "CONFIRM", "url": "http://rt.openssl.org/Ticket/Display.html?id=3571\u0026user=guest\u0026pass=guest" }, { "name": "https://bto.bluecoat.com/security-advisory/sa88", "refsource": "CONFIRM", "url": "https://bto.bluecoat.com/security-advisory/sa88" }, { "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=392fa7a952e97d82eac6958c81ed1e256e6b8ca5", "refsource": "CONFIRM", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=392fa7a952e97d82eac6958c81ed1e256e6b8ca5" }, { "name": "DSA-3125", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3125" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2014-3569" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ] }, "references": { "reference_data": [ { "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=392fa7a952e97d82eac6958c81ed1e256e6b8ca5", "refsource": "CONFIRM", "tags": [], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=392fa7a952e97d82eac6958c81ed1e256e6b8ca5" }, { "name": "http://rt.openssl.org/Ticket/Display.html?id=3571\u0026user=guest\u0026pass=guest", "refsource": "CONFIRM", "tags": [], "url": "http://rt.openssl.org/Ticket/Display.html?id=3571\u0026user=guest\u0026pass=guest" }, { "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6ce9687b5aba5391fc0de50e18779eb676d0e04d", "refsource": "CONFIRM", "tags": [], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6ce9687b5aba5391fc0de50e18779eb676d0e04d" }, { "name": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3569.html", "refsource": "CONFIRM", "tags": [], "url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3569.html" }, { "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b82924741b4bd590da890619be671f4635e46c2b", "refsource": "CONFIRM", "tags": [], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b82924741b4bd590da890619be671f4635e46c2b" }, { "name": "https://security-tracker.debian.org/tracker/CVE-2014-3569", "refsource": "CONFIRM", "tags": [], "url": "https://security-tracker.debian.org/tracker/CVE-2014-3569" }, { "name": "https://www.openssl.org/news/secadv_20150108.txt", "refsource": "CONFIRM", "tags": [], "url": "https://www.openssl.org/news/secadv_20150108.txt" }, { "name": "MDVSA-2015:019", "refsource": "MANDRIVA", "tags": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:019" }, { "name": "71934", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/71934" }, { "name": "DSA-3125", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2015/dsa-3125" }, { "name": "SSRT101885", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq\u0026m=142496289803847\u0026w=2" }, { "name": "openSUSE-SU-2015:0130", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html" }, { "name": "20150310 Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products", "refsource": "CISCO", "tags": [], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl" }, { "name": "HPSBHF03289", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2" }, { "name": "MDVSA-2015:062", "refsource": "MANDRIVA", "tags": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062" }, { "name": "APPLE-SA-2015-04-08-2", "refsource": "APPLE", "tags": [], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "name": "https://support.apple.com/HT204659", "refsource": "CONFIRM", "tags": [], "url": "https://support.apple.com/HT204659" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "name": "SUSE-SU-2015:0946", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", "refsource": "CONFIRM", "tags": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", "refsource": "CONFIRM", "tags": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" }, { "name": "HPSBMU03397", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq\u0026m=144050297101809\u0026w=2" }, { "name": "HPSBMU03413", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq\u0026m=144050254401665\u0026w=2" }, { "name": "HPSBMU03380", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2" }, { "name": "HPSBMU03409", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2" }, { "name": "HPSBOV03318", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq\u0026m=142895206924048\u0026w=2" }, { "name": "HPSBMU03396", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq\u0026m=144050205101530\u0026w=2" }, { "name": "HPSBUX03162", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq\u0026m=142496179803395\u0026w=2" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "name": "https://bto.bluecoat.com/security-advisory/sa88", "refsource": "CONFIRM", "tags": [], "url": "https://bto.bluecoat.com/security-advisory/sa88" }, { "name": "openSUSE-SU-2016:0640", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" }, { "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10679", "refsource": "CONFIRM", "tags": [], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10679" }, { "name": "1033378", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id/1033378" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10108", "refsource": "CONFIRM", "tags": [], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10108" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10102", "refsource": "CONFIRM", "tags": [], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10102" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "https://support.citrix.com/article/CTX216642", "refsource": "CONFIRM", "tags": [], "url": "https://support.citrix.com/article/CTX216642" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false } }, "lastModifiedDate": "2017-11-15T02:29Z", "publishedDate": "2014-12-24T11:59Z" } } }
var-201412-0519
Vulnerability from variot
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix. This vulnerability CVE-2014-3568 It became the problem after the correction. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. An attacker may exploit this issue to crash the application, resulting in denial-of-service conditions.
CVE-2014-3571
Markus Stenberg of Cisco Systems, Inc. A remote attacker could use this flaw
to mount a denial of service attack.
CVE-2014-3572
Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that an
OpenSSL client would accept a handshake using an ephemeral ECDH
ciphersuite if the server key exchange message is omitted.
CVE-2015-0204
Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that
an OpenSSL client will accept the use of an ephemeral RSA key in a
non-export RSA key exchange ciphersuite, violating the TLS
standard.
CVE-2015-0206
Chris Mueller discovered a memory leak in the dtls1_buffer_record
function.
For the upcoming stable distribution (jessie), these problems will be fixed soon.
We recommend that you upgrade your openssl packages. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2015:062 http://www.mandriva.com/en/support/security/
Package : openssl Date : March 27, 2015 Affected: Business Server 2.0
Problem Description:
Multiple vulnerabilities has been discovered and corrected in openssl:
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment (CVE-2010-5298).
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack (CVE-2014-0076).
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug (CVE-2014-0160).
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the CCS Injection vulnerability (CVE-2014-0224).
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the POODLE issue (CVE-2014-3566).
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c (CVE-2014-3570).
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message (CVE-2014-3572).
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c (CVE-2014-8275).
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the FREAK issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations (CVE-2015-0204).
The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support (CVE-2015-0205).
The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse (CVE-2015-0287).
The updated packages have been upgraded to the 1.0.1m version where these security flaws has been fixed.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293 http://openssl.org/news/secadv_20150108.txt http://openssl.org/news/secadv_20150319.txt
Updated Packages:
Mandriva Business Server 2/X86_64: 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
iD8DBQFVFTm1mqjQ0CJFipgRAoYFAKCaubn00colzVNnUBFjSElyDptGMQCfaGoS kz0ex6eI6hA6qSwklA2NoXY= =GYjX -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04774019
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04774019 Version: 1
HPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-08-24 Last Updated: 2015-08-24
Potential Security Impact: Remote unauthorized modification, unauthorized access, or unauthorized disclosure of information.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP Matrix Operating Environment. The vulnerabilities could be exploited remotely resulting in unauthorized modification, unauthorized access, or unauthorized disclosure of information.
References:
CVE-2010-5107 CVE-2013-0248 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-1692 CVE-2014-3523 CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8142 CVE-2014-8275 CVE-2014-9427 CVE-2014-9652 CVE-2014-9653 CVE-2014-9705 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0207 CVE-2015-0208 CVE-2015-0209 CVE-2015-0231 CVE-2015-0232 CVE-2015-0273 CVE-2015-0285 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0290 CVE-2015-0291 CVE-2015-0292 CVE-2015-0293 CVE-2015-1787 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-2134 CVE-2015-2139 CVE-2015-2140 CVE-2015-2301 CVE-2015-2331 CVE-2015-2348 CVE-2015-2787 CVE-2015-3113 CVE-2015-5122 CVE-2015-5123 CVE-2015-5402 CVE-2015-5403 CVE-2015-5404 CVE-2015-5405 CVE-2015-5427 CVE-2015-5428 CVE-2015-5429 CVE-2015-5430 CVE-2015-5431 CVE-2015-5432 CVE-2015-5433
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Matrix Operating Environment impacted software components and versions:
HP Systems Insight Manager (SIM) prior to version 7.5.0 HP System Management Homepage (SMH) prior to version 7.5.0 HP Version Control Agent (VCA) prior to version 7.5.0 HP Version Control Repository Manager (VCRM) prior to version 7.5.0 HP Insight Orchestration prior to version 7.5.0 HP Virtual Connect Enterprise Manager (VCEM) prior to version 7.5.0
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-5107 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-0248 (AV:L/AC:M/Au:N/C:N/I:P/A:P) 3.3 CVE-2014-0118 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0226 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-0231 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-1692 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-3523 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3569 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3570 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2014-3571 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3572 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2014-8142 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-8275 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2014-9427 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-9652 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-9653 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-9705 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0204 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2015-0205 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-0206 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0207 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0208 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-0209 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2015-0231 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0232 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2015-0273 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0285 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2015-0286 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0287 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0288 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0289 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0290 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0291 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0293 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-1787 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6 CVE-2015-1788 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-1791 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-2134 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0 CVE-2015-2139 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5 CVE-2015-2140 (AV:N/AC:M/Au:S/C:P/I:P/A:N) 4.9 CVE-2015-2301 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-2331 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-2348 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-2787 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-3113 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2015-5122 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2015-5123 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2015-5402 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9 CVE-2015-5403 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5 CVE-2015-5404 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5405 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0 CVE-2015-5427 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5428 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5429 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5430 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2015-5431 (AV:N/AC:M/Au:S/C:P/I:P/A:N) 4.9 CVE-2015-5432 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5433 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve the vulnerabilities in the impacted versions of HP Matrix Operating Environment
HP Matrix Operating Environment 7.5.0 is only available on DVD. Please order the latest version of the HP Matrix Operating Environment 7.5.0 DVD #2 ISO from the following location:
http://www.hp.com/go/insightupdates
Choose the orange Select button. This presents the HP Insight Management Media order page. Choose Insight Management 7.5 DVD-2-ZIP August 2015 from the Software specification list. Fill out the rest of the form and submit it.
HP has addressed these vulnerabilities for the affected software components bundled with the HP Matrix Operating Environment in the following HP Security Bulletins.
HP Matrix Operating Environment component HP Security Bulletin Number Security Bulletin Location
HP Systems Insight Manager (SIM) HPSBMU03394 HPSBMU03394 https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04762744
HP System Management Homepage (SMH) HPSBMU03380 http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04746490&la ng=en-us&cc=
HP Version Control Agent (VCA) HPSBMU03397 https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04765169
HP Version Control Repository Manager (VCRM) HPSBMU03396 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr _na-c04765115
HP Virtual Connect Enterprise Manager (VCEM) SDK HPSBMU03413 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr _na-c04774021
HISTORY Version:1 (rev.1) - 24 August 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlXbREoACgkQ4B86/C0qfVl2EQCcC7+X+ufWAfXznICabd38dIqX /uwAmwTKaw3ON48Dwm7wtl1Cw1+vwZGJ =kie8 -----END PGP SIGNATURE----- .
References:
CVE-2014-8275 Cryptographic Issues (CWE-310) CVE-2014-3569 Remote Denial of Service (DoS) CVE-2014-3570 Cryptographic Issues (CWE-310) CVE-2014-3571 Remote Denial of Service (DoS) CVE-2014-3572 Cryptographic Issues (CWE-310) CVE-2015-0204 Cryptographic Issues (CWE-310) SSRT101885
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The updates are available from either of the following sites:
ftp://sl098ze:Secure12@h2.usa.hp.com
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber =OPENSSL11I
HP-UX Release HP-UX OpenSSL depot name
B.11.11 (11i v1) OpenSSL_A.00.09.08ze.001_HP-UX_B.11.11_32_64.depot
B.11.23 (11i v2) OpenSSL_A.00.09.08ze.002_HP-UX_B.11.23_IA-PA.depot
B.11.31 (11i v3) OpenSSL_A.00.09.08ze.003_HP-UX_B.11.31_IA-PA.depot
MANUAL ACTIONS: Yes - Update
Install OpenSSL A.00.09.08ze or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201412-0519", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "openssl", "scope": "eq", "trust": 1.8, "vendor": "openssl", "version": "1.0.1j" }, { "model": "communications core session manager", "scope": "eq", "trust": 1.1, "vendor": "oracle", "version": "7.3.5" }, { "model": "communications core session manager", "scope": "eq", "trust": 1.1, "vendor": "oracle", "version": "7.2.5" }, { "model": "bladecenter advanced management module 3.66k", "scope": null, "trust": 0.9, "vendor": "ibm", "version": null }, { "model": "openssl", "scope": "eq", "trust": 0.8, "vendor": "openssl", "version": "0.9.8zc" }, { "model": "openssl", "scope": "eq", "trust": 0.8, "vendor": "openssl", "version": "1.0.0o" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "10.10 to 10.10.2" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "10.8.5" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "10.9.5" }, { "model": "integrated lights out manager", "scope": "lt", "trust": 0.8, "vendor": "oracle", "version": "(sun system firmware) 8.7.2.b" }, { "model": "integrated lights out manager", "scope": "lt", "trust": 0.8, "vendor": "oracle", "version": "(sun system firmware) 9.4.2e" }, { "model": "mysql", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "5.6.22" }, { "model": "fusion middleware", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "of oracle mobile security suite mss 3.0" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "10" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "11.2" }, { "model": "virtualization", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "of oracle secure global desktop 4.63" }, { "model": "virtualization", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "of oracle secure global desktop 4.71" }, { "model": "virtualization", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "of oracle secure global desktop 5.1" }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(arm) 4.1" }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(arm) 4.2" }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(arm) 4.3" }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(arm) 4.4" }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(x86) 4.1" }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(x86) 4.2" }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(x86) 4.3" }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(x86) 4.4" }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(x86) 5.0" }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(x86) 5.1" }, { "model": "paging server", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.6, "vendor": "hp", "version": "7.4" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.1" }, { "model": "cognos controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.2.0.5" }, { "model": "mate collector", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "ata series analog terminal adaptor", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1900" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.3.1" }, { "model": "video surveillance series ip cameras", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "30000" }, { "model": "bladecenter advanced management module 25r5778", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.5" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.10.186" }, { "model": "telepresence server on virtual machine", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.1" }, { "model": "bladecenter -s", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1948" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2.6" }, { "model": "upward integration modules scvmm add-in", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "1.0.3" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.2" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.0" }, { "model": "proactive network operations center", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x22025850" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "4.4" }, { "model": "sbr carrier", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.4.1.3" }, { "model": "mysql server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6" }, { "model": "project openssl 1.0.0d", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "nexus series switches", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "90000" }, { "model": "project openssl 1.0.1e", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "idataplex dx360 m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "79120" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.2" }, { "model": "insight orchestration", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2" }, { "model": "security access manager for mobile", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.5" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.8.780" }, { "model": "insight control", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3" }, { "model": "tandberg codian isdn gw", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "32400" }, { "model": "project openssl 1.0.1a", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "contactoptimization", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.2" }, { "model": "project openssl b", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.2.2" }, { "model": "contactoptimization", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.1" }, { "model": "telepresence mcu", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "85100" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "(x86)4.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.2" }, { "model": "ip interoperability and collaboration system", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "project openssl k", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.0.4" }, { "model": "project openssl 1.0.0p", "scope": "ne", "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "edge digital media player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3400" }, { "model": "systems insight manager 7.3.0a", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.0.0" }, { "model": "project openssl 1.0.0g", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "security access manager for mobile", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.3" }, { "model": "junos os 13.3r6", "scope": "ne", "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "tivoli netcool/reporter", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.5" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37006.4.19" }, { "model": "telepresence server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "70104.1" }, { "model": "insight control server provisioning", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.5.1" }, { "model": "prime security manager 04.8 qa08", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ns oncommand core package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.7" }, { "model": "sametime", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0.0.1" }, { "model": "netscaler t1", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "0" }, { "model": "project openssl 0.9.8zb", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.0-68" }, { "model": "prime license manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1.0.842" }, { "model": "flex system manager node types", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "79550" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.0" }, { "model": "app for netapp data ontap", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "0" }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0.1" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.3.0.870" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.2-77" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "telepresence te software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "-0" }, { "model": "linux enterprise software development kit sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "real-time compression appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.9.1.11" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x350073830" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.1" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.1" }, { "model": "prime network registrar", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.2.2.2" }, { "model": "network configuration and change management service", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "contactoptimization", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "systems insight manager sp2", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "4.2" }, { "model": "prime collaboration assurance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0.0.840" }, { "model": "data ontap smi-s agent", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2" }, { "model": "systems insight manager sp1", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.0" }, { "model": "telepresence content server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37001.1" }, { "model": "tandberg codian mse model", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "83200" }, { "model": "matrix operating environment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3" }, { "model": "local collector appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.2.8" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.2.77" }, { "model": "project openssl 0.9.8w", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x310025820" }, { "model": "cognos tm1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.2" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.4" }, { "model": "service delivery manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.5.4" }, { "model": "data ontap operating in 7-mode", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.2.3" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.1.0" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.11" }, { "model": "project openssl 1.0.0m", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2.27" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.4.1.8" }, { "model": "business server", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "1" }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x24087380" }, { "model": "project openssl 1.0.1g", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "contactoptimization", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.0" }, { "model": "project openssl 0.9.8m", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "prime lan management solution", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.2" }, { "model": "project openssl j", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "wide area application services", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "command center appliance", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "0" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0.96" }, { "model": "flashsystem 9848-ae1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v840" }, { "model": "project openssl 1.0.1k", "scope": "ne", "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50001.1" }, { "model": "bladecenter -t", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8720" }, { "model": "tivoli common reporting", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1.1.2" }, { "model": "media services interface", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "ctpview", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.6.156" }, { "model": "netscaler gateway", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "0" }, { "model": "project openssl 1.0.1i", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.12" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.2" }, { "model": "unified attendant console advanced", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "project openssl 1.0.0h", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.2.0.8" }, { "model": "tivoli provisioning manager for os deployment", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "(x86)4.3" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.10" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.6" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "1.0" }, { "model": "ns oncommand core package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2.1" }, { "model": "system management homepage c", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.10.186" }, { "model": "jabber for android", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "enterprise content delivery service", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.0.5" }, { "model": "adaptive security appliance software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.4(7.26)" }, { "model": "real-time compression appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.8.0.10" }, { "model": "bladecenter -s", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8886" }, { "model": "unified sip proxy", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70006.4.19" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.10" }, { "model": "telepresence advanced media gateway series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "data ontap operating in 7-mode", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.1.4" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.5.0" }, { "model": "unified attendant console premium edition", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "tandberg codian isdn gw", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "32100" }, { "model": "tivoli workload scheduler distributed fp03", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.6.0" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5.2" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70006.4" }, { "model": "project openssl 0.9.8r", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.3" }, { "model": "tivoli workload scheduler distributed", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1" }, { "model": "app for stream", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "0" }, { "model": "firesight system software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "5.4.1.2" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.1" }, { "model": "project openssl 0.9.8n", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.2" }, { "model": "virtual connect enterprise manager sdk", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4" }, { "model": "systems insight manager sp5", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.0" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.2.0.3" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.0.3" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2.0.820" }, { "model": "sametime", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.2.1" }, { "model": "adaptive security appliance software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "9.1(5.106)" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.2.0.3" }, { "model": "project openssl 0.9.8y", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "matrix operating environment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.5" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2" }, { "model": "upward integration modules for microsoft system center", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.5.3" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35006.4.1.8" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.1" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.3" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70006.4.1.8" }, { "model": "systems insight manager sp1", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.1" }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x22079060" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70006.1" }, { "model": "upward integration modules hardware management pack", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5.2" }, { "model": "physical access gateway", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.0.2" }, { "model": "system type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x3850x638370" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50006.4" }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x88042590" }, { "model": "project openssl 1.0.0l", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "contactoptimization", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.6" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0.1" }, { "model": "netscaler application delivery controller", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "0" }, { "model": "upward integration modules integrated installer", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5.2" }, { "model": "wireless lan controller", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.1" }, { "model": "bladecenter -e", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7967" }, { "model": "dx360 m4 water cooled type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "79180" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.0.1" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.3" }, { "model": "matrix operating environment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.3" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.68" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1.0.102" }, { "model": "tivoli workload scheduler distributed", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.4" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.4" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "anyres live", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "project openssl 0.9.8p", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.1" }, { "model": "application policy infrastructure controller 1.0", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2.1.830" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0" }, { "model": "bladecenter -h", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8852" }, { "model": "unified attendant console business edition", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "nextscale nx360 m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "54550" }, { "model": "bladecenter -ht", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8750" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.15-210" }, { "model": "tandberg codian isdn gw", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "32200" }, { "model": "linux ia-64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "tivoli common reporting", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.1.0.2" }, { "model": "insight control", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.0.7" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2.9.1" }, { "model": "jabber video for telepresence", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37006.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1.0-103" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.12.201" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0.0.95" }, { "model": "proventia network enterprise scanner", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.1.4" }, { "model": "prime network registrar", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.1.3.3" }, { "model": "openflow agent", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.7.770" }, { "model": "prime collaboration deployment", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "dx series ip phones", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0.0-95" }, { "model": "virtualization experience media engine", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "tivoli workload scheduler distributed fp05", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1" }, { "model": "tivoli workload scheduler distributed fp01", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.0" }, { "model": "project openssl 0.9.8za", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.2.0.8" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.4" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.2" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.1" }, { "model": "predictiveinsight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0" }, { "model": "ace30 application control engine module 3.0 a5", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "junos os 12.3r10", "scope": "ne", "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "cognos tm1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.2.0.2" }, { "model": "unified computing system b-series servers", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "project openssl 0.9.8q", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0.0.96" }, { "model": "systems insight manager", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.5.1" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x365079150" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.1.0.6" }, { "model": "data ontap operating in 7-mode", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3.7" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "(x86)4.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.2.127" }, { "model": "jabber software development kit", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.10.800" }, { "model": "predictiveinsight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.0.8" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.2" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.3" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1" }, { "model": "firesight system software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "5.4.0.2" }, { "model": "mysql server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.21" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x375087220" }, { "model": "project openssl 1.0.1c", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "storwize 6.4storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v3500v3700" }, { "model": "predictiveinsight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.6" }, { "model": "predictiveinsight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "bladecenter -e", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1881" }, { "model": "security access manager for mobile", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.1" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8v" }, { "model": "project openssl 1.0.1f", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.1-73" }, { "model": "infosphere balanced warehouse c4000", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "contactoptimization", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.4.1" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.8.780" }, { "model": "tivoli provisioning manager for images", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.0" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.0.1" }, { "model": "upward integration modules scvmm add-in", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.2" }, { "model": "service delivery manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.4" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3" }, { "model": "sametime", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0.0.0" }, { "model": "identity service engine", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "project openssl 0.9.8g", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "mysql server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.15" }, { "model": "virtual connect enterprise manager sdk", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4.1" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.0" }, { "model": "wag310g residential gateway", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.5" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.1" }, { "model": "security access manager for mobile", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.4" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.0-14" }, { "model": "tivoli workload scheduler distributed fp04", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "cognos controller if1", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "10.1.1.3" }, { "model": "sametime community server hf1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9" }, { "model": "matrix operating environment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.10.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.15" }, { "model": "data ontap operating in 7-mode", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.2.2" }, { "model": "insight control", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3" }, { "model": "project openssl 1.0.0o", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3.1.7" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2.0.860" }, { "model": "rational software architect", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.1" }, { "model": "contactoptimization", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.2" }, { "model": "linux enterprise server for vmware sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "linux enterprise server sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "system management homepage b", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.5.146" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.6" }, { "model": "application policy infrastructure controller", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.1(0.625)" }, { "model": "agent desktop", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "10.0(2)" }, { "model": "bladecenter -s", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7779" }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x88079030" }, { "model": "upward integration modules for vmware vsphere", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "3.5.3" }, { "model": "sametime community server limited use", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.3.0.870" }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x24087370" }, { "model": "system management homepage b", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.2.77" }, { "model": "snapdrive for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2.2" }, { "model": "jabber voice for android", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "onepk all-in-one vm", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "linux mips", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.3" }, { "model": "hp-ux b.11.11", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "contactoptimization", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "idp", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "ctpos 7.0r4", "scope": "ne", "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "unified attendant console department edition", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0.0.840" }, { "model": "system management homepage a", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.11.197" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4.1" }, { "model": "prime data center network manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.14" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.8" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70006.3" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.15210" }, { "model": "cognos tm1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.2.2" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2" }, { "model": "network performance analytics", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.64" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.0.0" }, { "model": "system m4 hd type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x365054600" }, { "model": "rational software architect for websphere software", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.1" }, { "model": "contactoptimization", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.6" }, { "model": "contactoptimization", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "(x86)5.0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2.8" }, { "model": "tivoli provisioning manager for os deployment", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.116" }, { "model": "rational software architect for websphere software", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.5.0" }, { "model": "project openssl 0.9.8l", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.1.1" }, { "model": "version control repository manager 7.4.0a", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "junos space", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.3.740" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.20" }, { "model": "matrix operating environment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.1" }, { "model": "video surveillance series ip cameras", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "70000" }, { "model": "virtual connect enterprise manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0" }, { "model": "project openssl h", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "systems insight manager update", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.31" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "ddos secure", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "system management homepage 7.4.0a", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.0.6" }, { "model": "telepresence server on multiparty media", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3204.1" }, { "model": "flashsystem 9846-ae1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v840" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3" }, { "model": "video surveillance series ip cameras", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "60000" }, { "model": "project openssl i", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x22279160" }, { "model": "project openssl 1.0.0i", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "predictiveinsight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.1" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4.1" }, { "model": "hp-ux b.11.23", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2" }, { "model": "project openssl 0.9.8zd", "scope": "ne", "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "ringmaster appliance", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "systems insight manager sp2", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.2" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.4.19" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.2.0.5" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.2" }, { "model": "ctpview 7.1r1", "scope": "ne", "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35006.1" }, { "model": "cognos controller interim fix", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "10.2.0.1" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.13" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0" }, { "model": "insight control server provisioning", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.5.0" }, { "model": "insight control server provisioning", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4.0" }, { "model": "unified ip conference phone", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "88310" }, { "model": "project openssl 1.0.0e", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3" }, { "model": "clustered data ontap", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.2" }, { "model": "tivoli common reporting", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.1.0.1" }, { "model": "project openssl a", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "vgw", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.3.0.5" }, { "model": "virtual connect enterprise manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2" }, { "model": "business server", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "1x8664" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.4" }, { "model": "business process manager advanced", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.6" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2.0.820" }, { "model": "system management homepage", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.5.5" }, { "model": "infosphere balanced warehouse c3000", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "project openssl c", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2.2.835" }, { "model": "system management homepage", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.5" }, { "model": "system m4 bd type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x365054660" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.10.1" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8x" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.2" }, { "model": "tivoli workload scheduler distributed", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35006.4.19" }, { "model": "upward integration modules hardware management pack", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.5.3" }, { "model": "src series", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "bladecenter t advanced management module 32r0835", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "0" }, { "model": "telepresence supervisor mse", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "80500" }, { "model": "contactoptimization", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3" }, { "model": "iptv", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "upward integration modules integrated installer", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.5.3" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.12" }, { "model": "linux enterprise desktop sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.11" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x325025830" }, { "model": "ns oncommand core package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.2" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4" }, { "model": "project openssl 0.9.8t", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.3" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0.2.106" }, { "model": "web security appliance 9.0.0 -fcs", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "systems insight manager sp3", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2.1.830" }, { "model": "service delivery manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.2" }, { "model": "telepresence mcu", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "42000" }, { "model": "hosted collaboration mediation fulfillment", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "mint", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "0" }, { "model": "application networking manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "system management homepage 7.3.2.1", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "socialminer", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "project openssl 1.0.0c", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "contactoptimization", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.14.20" }, { "model": "tivoli workload scheduler distributed fp03", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.5.760" }, { "model": "video surveillance media server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.7" }, { "model": "data ontap smi-s agent", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.2" }, { "model": "telepresence mcu", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "84200" }, { "model": "smart analytics system", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "20500" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.0.5" }, { "model": "insight orchestration", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35006.4" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.3" }, { "model": "telepresence video communication server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "prime network registrar", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.3" }, { "model": "predictiveinsight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.3" }, { "model": "telepresence sx series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.4" }, { "model": "tivoli workload scheduler distributed", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "system management homepage b", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.10.186" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x330073820" }, { "model": "project openssl 1.0.0f", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1" }, { "model": "project openssl d", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "meetingplace", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "ctp", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.9.790" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.1" }, { "model": "tivoli provisioning manager for os deployment", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.0.2" }, { "model": "tivoli workload scheduler distributed", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.6" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.1.730" }, { "model": "ctpos 7.1r1", "scope": "ne", "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x363071580" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.2.0.5" }, { "model": "project openssl 1.0.0j", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "matrix operating environment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2" }, { "model": "nexus series switches", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "35000" }, { "model": "project openssl 1.0.0b", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.1.0.5" }, { "model": "expressway series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.5" }, { "model": "smart analytics system", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "57100" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.10.801" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70006.2" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "4.2" }, { "model": "flex system manager node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8734-" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.3.0.5" }, { "model": "tivoli common reporting", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.11" }, { "model": "systems insight manager sp2", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.2" }, { "model": "contactoptimization", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "edge digital media player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3000" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.2.0.3" }, { "model": "mobile wireless transport manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "tivoli workload scheduler distributed fp07", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.4" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.1.2" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.1.6" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "1.0.1" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.1.1" }, { "model": "mate design", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x24078630" }, { "model": "hp-ux b.11.31", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.1.5" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.4.143" }, { "model": "clustered data ontap antivirus connector", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0" }, { "model": "business process manager advanced", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.5" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x375087330" }, { "model": "linux s/390", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x24089560" }, { "model": "powervu d9190 conditional access manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "4.1" }, { "model": "project openssl 1.0.1j", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl f", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.1" }, { "model": "bladecenter -t", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8730" }, { "model": "cloudbridge", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.4" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37006.4.1.8" }, { "model": "gpfs for windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.5" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.6" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.3" }, { "model": "version control repository manager", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.5.1" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.2.0.3" }, { "model": "data ontap operating in 7-mode", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.2.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.3.132" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x353071600" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.1.0.7" }, { "model": "adaptive security appliance software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "9.0(4.29)" }, { "model": "contactoptimization", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.3" }, { "model": "flashsystem 9840-ae1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "840" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.3.0" }, { "model": "mate live", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "tivoli workload scheduler distributed fp02", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.6" }, { "model": "telepresence integrator c series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.3.0.5" }, { "model": "project openssl 1.0.1d", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2.0-12" }, { "model": "bladecenter -h", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7989" }, { "model": "mobile security suite mss", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "3.0" }, { "model": "rational software architect", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0.1.104" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.1.0.6" }, { "model": "tivoli workload scheduler distributed fp05", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.1.0.7" }, { "model": "nsm", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "cognos controller if3", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.1.0.6" }, { "model": "bladecenter -ht", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8740" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.1.0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2.0.860" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.4" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37006.2" }, { "model": "matrix operating environment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.1" }, { "model": "cognos controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "cognos controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1.1" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50006.1" }, { "model": "prime collaboration provisioning", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "pulse secure", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x375087180" }, { "model": "flex system manager node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8731-" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.10" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.5.146" }, { "model": "idataplex dx360 m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "79130" }, { "model": "systems insight manager sp6", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.1.73" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.2" }, { "model": "telepresence mcu", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "45000" }, { "model": "telepresence isdn gw", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "32410" }, { "model": "project openssl 0.9.8zc", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0n", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "system m5 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x310054570" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.0" }, { "model": "insight control server provisioning", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.5" }, { "model": "mac os", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "x10.10.3" }, { "model": "telepresence server on multiparty media", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3104.1" }, { "model": "telepresence ex series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.1" }, { "model": "webex meetings for android", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2.0" }, { "model": "insight control", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.5.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.3.1" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37006.4" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1841" }, { "model": "tivoli provisioning manager for os deployment", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.3" }, { "model": "server migration pack", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.5" }, { "model": "cognos controller fp1", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "10.2.1" }, { "model": "virtual connect enterprise manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50006.3" }, { "model": "insight control", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.5" }, { "model": "adaptive security appliance software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "9.2(3.1)" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "(x86)4.4" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.9.5" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.3" }, { "model": "cognos controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.2.1" }, { "model": "systems insight manager sp1", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "4.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.8.179" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.2" }, { "model": "junos os", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x355079140" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.1" }, { "model": "project openssl 0.9.8o", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "mysql server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.16" }, { "model": "server migration pack", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.5.1" }, { "model": "project openssl e", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "project openssl 1.0.1b", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0k", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "bladecenter -h", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1886" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x375087520" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35006.2" }, { "model": "vds service broker", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "telepresence conductor", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.1" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4" }, { "model": "d9036 modular encoding platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35001.1" }, { "model": "security access manager for mobile", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1" }, { "model": "matrix operating environment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.1" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.2.0.5" }, { "model": "video surveillance 4300e/4500e high-definition ip cameras", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "4.2" }, { "model": "system type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x3950x638370" }, { "model": "sametime", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.2.0" }, { "model": "tivoli workload scheduler distributed fp01", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.2.0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50006.2" }, { "model": "app for vmware", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "0" }, { "model": "cognos controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "junos os 12.3x48-d10", "scope": "ne", "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "bladecenter -e", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8677" }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.5.2" }, { "model": "cognos controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.2" }, { "model": "predictiveinsight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "snapdrive for windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1" }, { "model": "smart analytics system", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10500" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3.0.5" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.8.5" }, { "model": "video surveillance ptz ip cameras", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "tivoli common reporting", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1" }, { "model": "anyconnect secure mobility client for ios", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "004.000(1233)" }, { "model": "project openssl 0.9.8s", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2.2.835" }, { "model": "real-time compression appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.1.2.10" }, { "model": "telepresence serial gateway series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "clustered data ontap antivirus connector", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.1" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1.0.841" }, { "model": "tivoli workload scheduler distributed", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.2" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35006.3" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.1.0.7" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0" }, { "model": "ctpos 6.6r5", "scope": "ne", "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "cloud", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "0" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "webex meetings server 2.5mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "junos os 13.2r8", "scope": "ne", "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37006.3" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1.0.103" }, { "model": "open systems snapvault", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0.1" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "4.3" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.3" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.9" }, { "model": "tivoli common reporting", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1.1" }, { "model": "unified attendant console enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "linux ia-32", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "netscaler service delivery appliance", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "0" }, { "model": "tivoli provisioning manager for os deployment", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1" }, { "model": "matrix operating environment", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.5.1" }, { "model": "predictiveinsight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.2" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "mysql server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.22" }, { "model": "telepresence server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "87104.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.2.7" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "telepresence mcu", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "53000" }, { "model": "clustered data ontap antivirus connector", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.3" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.3.0" }, { "model": "security access manager for mobile", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.0.121" }, { "model": "ios 15.5 s", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "contactoptimization", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.4" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.6" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0.2" }, { "model": "prime performance manager for sps ppm sp1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.6" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.1.0.7" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3" }, { "model": "telepresence mx series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "tivoli workload scheduler distributed fp04", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.4" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.7.770" }, { "model": "insight orchestration", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0" }, { "model": "telepresence isdn gw mse", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "83210" }, { "model": "ucs central", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "telepresence profile series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.1.0.6" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.1" }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x44079170" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.1" }, { "model": "unified communications domain manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "10.1.2" }, { "model": "systems insight manager 7.4.0a", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2" }, { "model": "emergency responder", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.2.0.8" }, { "model": "dx360 m4 water cooled type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "79190" }, { "model": "im and presence service", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.4.750" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.3.0.5" }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.5.1" }, { "model": "nac guest server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "system m5 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x325054580" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.2.0.8" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.4" }, { "model": "tivoli provisioning manager for images system edition", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x7.1.1.0" }, { "model": "project openssl 0.9.8u", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.10.800" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "(x86)5.1" }, { "model": "cloud object store", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "contactoptimization", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "project openssl 1.0.1h", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "cognos tm1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1.1" }, { "model": "project openssl 1.0.0a", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.0" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.9.790" } ], "sources": [ { "db": "BID", "id": "71934" }, { "db": "JVNDB", "id": "JVNDB-2014-007389" }, { "db": "NVD", "id": "CVE-2014-3569" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2014-3569" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "HP", "sources": [ { "db": "PACKETSTORM", "id": "133318" }, { "db": "PACKETSTORM", "id": "133317" }, { "db": "PACKETSTORM", "id": "133316" }, { "db": "PACKETSTORM", "id": "137292" }, { "db": "PACKETSTORM", "id": "133325" }, { "db": "PACKETSTORM", "id": "132763" }, { "db": "PACKETSTORM", "id": "137201" }, { "db": "PACKETSTORM", "id": "130545" } ], "trust": 0.8 }, "cve": "CVE-2014-3569", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.0, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2014-3569", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2014-3569", "trust": 1.8, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2014-3569", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-3569" }, { "db": "JVNDB", "id": "JVNDB-2014-007389" }, { "db": "NVD", "id": "CVE-2014-3569" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix. This vulnerability CVE-2014-3568 It became the problem after the correction. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. \nAn attacker may exploit this issue to crash the application, resulting in denial-of-service conditions. \n\nCVE-2014-3571\n\n Markus Stenberg of Cisco Systems, Inc. A remote attacker could use this flaw\n to mount a denial of service attack. \n\nCVE-2014-3572\n\n Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that an\n OpenSSL client would accept a handshake using an ephemeral ECDH\n ciphersuite if the server key exchange message is omitted. \n\nCVE-2015-0204\n\n Karthikeyan Bhargavan of the PROSECCO team at INRIA reported that\n an OpenSSL client will accept the use of an ephemeral RSA key in a\n non-export RSA key exchange ciphersuite, violating the TLS\n standard. \n\nCVE-2015-0206\n\n Chris Mueller discovered a memory leak in the dtls1_buffer_record\n function. \n\nFor the upcoming stable distribution (jessie), these problems will be\nfixed soon. \n\nWe recommend that you upgrade your openssl packages. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2015:062\n http://www.mandriva.com/en/support/security/\n _______________________________________________________________________\n\n Package : openssl\n Date : March 27, 2015\n Affected: Business Server 2.0\n _______________________________________________________________________\n\n Problem Description:\n\n Multiple vulnerabilities has been discovered and corrected in openssl:\n \n Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL\n through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows\n remote attackers to inject data across sessions or cause a denial of\n service (use-after-free and parsing error) via an SSL connection in\n a multithreaded environment (CVE-2010-5298). \n \n The Montgomery ladder implementation in OpenSSL through 1.0.0l does\n not ensure that certain swap operations have a constant-time behavior,\n which makes it easier for local users to obtain ECDSA nonces via a\n FLUSH+RELOAD cache side-channel attack (CVE-2014-0076). \n \n The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before\n 1.0.1g do not properly handle Heartbeat Extension packets, which allows\n remote attackers to obtain sensitive information from process memory\n via crafted packets that trigger a buffer over-read, as demonstrated\n by reading private keys, related to d1_both.c and t1_lib.c, aka the\n Heartbleed bug (CVE-2014-0160). \n \n OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before\n 1.0.1h does not properly restrict processing of ChangeCipherSpec\n messages, which allows man-in-the-middle attackers to trigger use of a\n zero-length master key in certain OpenSSL-to-OpenSSL communications,\n and consequently hijack sessions or obtain sensitive information,\n via a crafted TLS handshake, aka the CCS Injection vulnerability\n (CVE-2014-0224). \n \n The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other\n products, uses nondeterministic CBC padding, which makes it easier\n for man-in-the-middle attackers to obtain cleartext data via a\n padding-oracle attack, aka the POODLE issue (CVE-2014-3566). \n \n The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before\n 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square\n of a BIGNUM value, which might make it easier for remote attackers to\n defeat cryptographic protection mechanisms via unspecified vectors,\n related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and\n crypto/bn/bn_asm.c (CVE-2014-3570). \n \n The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before\n 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote\n SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger\n a loss of forward secrecy by omitting the ServerKeyExchange message\n (CVE-2014-3572). \n \n OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k\n does not enforce certain constraints on certificate data, which allows\n remote attackers to defeat a fingerprint-based certificate-blacklist\n protection mechanism by including crafted data within a\n certificate\u0026#039;s unsigned portion, related to crypto/asn1/a_verify.c,\n crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c\n (CVE-2014-8275). \n \n The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before\n 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL\n servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate\n brute-force decryption by offering a weak ephemeral RSA key in a\n noncompliant role, related to the FREAK issue. NOTE: the scope of\n this CVE is only client code based on OpenSSL, not EXPORT_RSA issues\n associated with servers or other TLS implementations (CVE-2015-0204). \n \n The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before\n 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a\n Diffie-Hellman (DH) certificate without requiring a CertificateVerify\n message, which allows remote attackers to obtain access without\n knowledge of a private key via crafted TLS Handshake Protocol traffic\n to a server that recognizes a Certification Authority with DH support\n (CVE-2015-0205). \n \n The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL\n before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2\n before 1.0.2a does not reinitialize CHOICE and ADB data structures,\n which might allow attackers to cause a denial of service (invalid\n write operation and memory corruption) by leveraging an application\n that relies on ASN.1 structure reuse (CVE-2015-0287). \n \n The updated packages have been upgraded to the 1.0.1m version where\n these security flaws has been fixed. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293\n http://openssl.org/news/secadv_20150108.txt\n http://openssl.org/news/secadv_20150319.txt\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 2/X86_64:\n 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm\n 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm\n a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm \n 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFVFTm1mqjQ0CJFipgRAoYFAKCaubn00colzVNnUBFjSElyDptGMQCfaGoS\nkz0ex6eI6hA6qSwklA2NoXY=\n=GYjX\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04774019\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04774019\nVersion: 1\n\nHPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-08-24\nLast Updated: 2015-08-24\n\nPotential Security Impact: Remote unauthorized modification, unauthorized\naccess, or unauthorized disclosure of information. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP Matrix\nOperating Environment. The vulnerabilities could be exploited remotely\nresulting in unauthorized modification, unauthorized access, or unauthorized\ndisclosure of information. \n\nReferences:\n\nCVE-2010-5107\nCVE-2013-0248\nCVE-2014-0118\nCVE-2014-0226\nCVE-2014-0231\nCVE-2014-1692\nCVE-2014-3523\nCVE-2014-3569\nCVE-2014-3570\nCVE-2014-3571\nCVE-2014-3572\nCVE-2014-8142\nCVE-2014-8275\nCVE-2014-9427\nCVE-2014-9652\nCVE-2014-9653\nCVE-2014-9705\nCVE-2015-0204\nCVE-2015-0205\nCVE-2015-0206\nCVE-2015-0207\nCVE-2015-0208\nCVE-2015-0209\nCVE-2015-0231\nCVE-2015-0232\nCVE-2015-0273\nCVE-2015-0285\nCVE-2015-0286\nCVE-2015-0287\nCVE-2015-0288\nCVE-2015-0289\nCVE-2015-0290\nCVE-2015-0291\nCVE-2015-0292\nCVE-2015-0293\nCVE-2015-1787\nCVE-2015-1788\nCVE-2015-1789\nCVE-2015-1790\nCVE-2015-1791\nCVE-2015-1792\nCVE-2015-2134\nCVE-2015-2139\nCVE-2015-2140\nCVE-2015-2301\nCVE-2015-2331\nCVE-2015-2348\nCVE-2015-2787\nCVE-2015-3113\nCVE-2015-5122\nCVE-2015-5123\nCVE-2015-5402\nCVE-2015-5403\nCVE-2015-5404\nCVE-2015-5405\nCVE-2015-5427\nCVE-2015-5428\nCVE-2015-5429\nCVE-2015-5430\nCVE-2015-5431\nCVE-2015-5432\nCVE-2015-5433\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Matrix Operating Environment impacted software components and versions:\n\nHP Systems Insight Manager (SIM) prior to version 7.5.0\nHP System Management Homepage (SMH) prior to version 7.5.0\nHP Version Control Agent (VCA) prior to version 7.5.0\nHP Version Control Repository Manager (VCRM) prior to version 7.5.0\nHP Insight Orchestration prior to version 7.5.0\nHP Virtual Connect Enterprise Manager (VCEM) prior to version 7.5.0\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-5107 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2013-0248 (AV:L/AC:M/Au:N/C:N/I:P/A:P) 3.3\nCVE-2014-0118 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0226 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-0231 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-1692 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-3523 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-3569 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-3570 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2014-3571 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-3572 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2014-8142 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-8275 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2014-9427 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-9652 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-9653 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-9705 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-0204 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2015-0205 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2015-0206 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0207 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0208 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-0209 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2015-0231 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-0232 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2015-0273 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-0285 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2015-0286 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0287 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0288 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0289 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0290 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0291 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-0293 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-1787 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6\nCVE-2015-1788 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-1791 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-2134 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0\nCVE-2015-2139 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5\nCVE-2015-2140 (AV:N/AC:M/Au:S/C:P/I:P/A:N) 4.9\nCVE-2015-2301 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-2331 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-2348 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2015-2787 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-3113 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2015-5122 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2015-5123 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2015-5402 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9\nCVE-2015-5403 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5\nCVE-2015-5404 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5405 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0\nCVE-2015-5427 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5428 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5429 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5430 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2015-5431 (AV:N/AC:M/Au:S/C:P/I:P/A:N) 4.9\nCVE-2015-5432 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5433 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the\nvulnerabilities in the impacted versions of HP Matrix Operating Environment\n\nHP Matrix Operating Environment 7.5.0 is only available on DVD. Please order\nthe latest version of the HP Matrix Operating Environment 7.5.0 DVD #2 ISO\nfrom the following location:\n\nhttp://www.hp.com/go/insightupdates\n\nChoose the orange Select button. This presents the HP Insight Management\nMedia order page. Choose Insight Management 7.5 DVD-2-ZIP August 2015 from\nthe Software specification list. Fill out the rest of the form and submit it. \n\nHP has addressed these vulnerabilities for the affected software components\nbundled with the HP Matrix Operating Environment in the following HP Security\nBulletins. \n\nHP Matrix Operating Environment component\n HP Security Bulletin Number\n Security Bulletin Location\n\nHP Systems Insight Manager (SIM)\n HPSBMU03394\n HPSBMU03394\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04762744\n\nHP System Management Homepage (SMH)\n HPSBMU03380\n http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04746490\u0026la\nng=en-us\u0026cc=\n\nHP Version Control Agent (VCA)\n HPSBMU03397\n https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04765169\n\nHP Version Control Repository Manager (VCRM)\n HPSBMU03396\n https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr\n_na-c04765115\n\nHP Virtual Connect Enterprise Manager (VCEM) SDK\n HPSBMU03413\n https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr\n_na-c04774021\n\nHISTORY\nVersion:1 (rev.1) - 24 August 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.13 (GNU/Linux)\n\niEYEARECAAYFAlXbREoACgkQ4B86/C0qfVl2EQCcC7+X+ufWAfXznICabd38dIqX\n/uwAmwTKaw3ON48Dwm7wtl1Cw1+vwZGJ\n=kie8\n-----END PGP SIGNATURE-----\n. \n\nReferences:\n\nCVE-2014-8275 Cryptographic Issues (CWE-310)\nCVE-2014-3569 Remote Denial of Service (DoS)\nCVE-2014-3570 Cryptographic Issues (CWE-310)\nCVE-2014-3571 Remote Denial of Service (DoS)\nCVE-2014-3572 Cryptographic Issues (CWE-310)\nCVE-2015-0204 Cryptographic Issues (CWE-310)\nSSRT101885\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The\nupdates are available from either of the following sites:\n\nftp://sl098ze:Secure12@h2.usa.hp.com\n\nhttps://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber\n=OPENSSL11I\n\nHP-UX Release\n HP-UX OpenSSL depot name\n\nB.11.11 (11i v1)\n OpenSSL_A.00.09.08ze.001_HP-UX_B.11.11_32_64.depot\n\nB.11.23 (11i v2)\n OpenSSL_A.00.09.08ze.002_HP-UX_B.11.23_IA-PA.depot\n\nB.11.31 (11i v3)\n OpenSSL_A.00.09.08ze.003_HP-UX_B.11.31_IA-PA.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall OpenSSL A.00.09.08ze or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant", "sources": [ { "db": "NVD", "id": "CVE-2014-3569" }, { "db": "JVNDB", "id": "JVNDB-2014-007389" }, { "db": "BID", "id": "71934" }, { "db": "VULMON", "id": "CVE-2014-3569" }, { "db": "PACKETSTORM", "id": "133318" }, { "db": "PACKETSTORM", "id": "133317" }, { "db": "PACKETSTORM", "id": "129880" }, { "db": "PACKETSTORM", "id": "131044" }, { "db": "PACKETSTORM", "id": "133316" }, { "db": "PACKETSTORM", "id": "137292" }, { "db": "PACKETSTORM", "id": "133325" }, { "db": "PACKETSTORM", "id": "132763" }, { "db": "PACKETSTORM", "id": "137201" }, { "db": "PACKETSTORM", "id": "130545" } ], "trust": 2.88 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-3569", "trust": 3.2 }, { "db": "JUNIPER", "id": "JSA10679", "trust": 1.4 }, { "db": "BID", "id": "71934", "trust": 1.4 }, { "db": "MCAFEE", "id": "SB10108", "trust": 1.1 }, { "db": "MCAFEE", "id": "SB10102", "trust": 1.1 }, { "db": "SECTRACK", "id": "1033378", "trust": 1.1 }, { "db": "JVN", "id": "JVNVU98974537", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU91828320", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2014-007389", "trust": 0.8 }, { "db": "VULMON", "id": "CVE-2014-3569", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "133318", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "133317", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "129880", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "131044", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "133316", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "137292", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "133325", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "132763", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "137201", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130545", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-3569" }, { "db": "BID", "id": "71934" }, { "db": "JVNDB", "id": "JVNDB-2014-007389" }, { "db": "PACKETSTORM", "id": "133318" }, { "db": "PACKETSTORM", "id": "133317" }, { "db": "PACKETSTORM", "id": "129880" }, { "db": "PACKETSTORM", "id": "131044" }, { "db": "PACKETSTORM", "id": "133316" }, { "db": "PACKETSTORM", "id": "137292" }, { "db": "PACKETSTORM", "id": "133325" }, { "db": "PACKETSTORM", "id": "132763" }, { "db": "PACKETSTORM", "id": "137201" }, { "db": "PACKETSTORM", "id": "130545" }, { "db": "NVD", "id": "CVE-2014-3569" } ] }, "id": "VAR-201412-0519", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.396927715 }, "last_update_date": "2024-07-23T19:45:35.004000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "#3571: Re: [PATCH] Segfault in 1.0.1j BIO_reset() compiled", "trust": 1.6, "url": "http://rt.openssl.org/ticket/display.html?id=3571\u0026user=guest\u0026pass=guest" }, { "title": "APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004", "trust": 0.8, "url": "http://lists.apple.com/archives/security-announce/2015/apr/msg00001.html" }, { "title": "HT204659", "trust": 0.8, "url": "http://support.apple.com/en-us/ht204659" }, { "title": "HT204659", "trust": 0.8, "url": "http://support.apple.com/ja-jp/ht204659" }, { "title": "cisco-sa-20150310-ssl", "trust": 0.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150310-ssl" }, { "title": "HPSBMU03397", "trust": 0.8, "url": "http://marc.info/?l=bugtraq\u0026m=144050297101809\u0026w=2" }, { "title": "HPSBMU03409", "trust": 0.8, "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2" }, { "title": "HPSBHF03289", "trust": 0.8, "url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2" }, { "title": "HPSBMU03413", "trust": 0.8, "url": "http://marc.info/?l=bugtraq\u0026m=144050254401665\u0026w=2" }, { "title": "HPSBOV03318", "trust": 0.8, "url": "http://marc.info/?l=bugtraq\u0026m=142895206924048\u0026w=2" }, { "title": "HPSBUX03162", "trust": 0.8, "url": "http://marc.info/?l=bugtraq\u0026m=142496179803395\u0026w=2" }, { "title": "HPSBMU03380", "trust": 0.8, "url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2" }, { "title": "HPSBUX03244 SSRT101885", "trust": 0.8, "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c04556853" }, { "title": "HPSBMU03396", "trust": 0.8, "url": "http://marc.info/?l=bugtraq\u0026m=144050205101530\u0026w=2" }, { "title": "HPSBMU03611", "trust": 0.8, "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05150888" }, { "title": "HPSBMU03612", "trust": 0.8, "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05158380" }, { "title": "NV15-017", "trust": 0.8, "url": "http://jpn.nec.com/security-info/secinfo/nv15-017.html" }, { "title": "commit 392fa7a", "trust": 0.8, "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=392fa7a952e97d82eac6958c81ed1e256e6b8ca5" }, { "title": "commit b829247", "trust": 0.8, "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b82924741b4bd590da890619be671f4635e46c2b" }, { "title": "no-ssl3 configuration sets method to NULL (CVE-2014-3569)", "trust": 0.8, "url": "https://www.openssl.org/news/secadv_20150108.txt" }, { "title": "commit 6ce9687", "trust": 0.8, "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6ce9687b5aba5391fc0de50e18779eb676d0e04d" }, { "title": "Oracle Critical Patch Update Advisory - October 2015", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" }, { "title": "Text Form of Oracle Critical Patch Update - April 2015 Risk Matrices", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015verbose-2365613.html" }, { "title": "Text Form of Oracle Critical Patch Update - October 2015 Risk Matrices", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015verbose-2367954.html" }, { "title": "Text Form of Oracle Critical Patch Update - July 2016 Risk Matrices", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpujul2016verbose-2881721.html" }, { "title": "Oracle Critical Patch Update Advisory - July 2015", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "title": "Text Form of Oracle Critical Patch Update - July 2015 Risk Matrices", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015verbose-2367947.html" }, { "title": "Oracle Critical Patch Update Advisory - July 2016", "trust": 0.8, "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" }, { "title": "Oracle Critical Patch Update Advisory - April 2015", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "title": "Oracle Third Party Bulletin - January 2015", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "title": "April 2015 Critical Patch Update Released", "trust": 0.8, "url": "https://blogs.oracle.com/security/entry/april_2015_critical_patch_update" }, { "title": "October 2015 Critical Patch Update Released", "trust": 0.8, "url": "https://blogs.oracle.com/security/entry/october_2015_critical_patch_update" }, { "title": "July 2016 Critical Patch Update Released", "trust": 0.8, "url": "https://blogs.oracle.com/security/entry/july_2016_critical_patch_update" }, { "title": "July 2015 Critical Patch Update Released", "trust": 0.8, "url": "https://blogs.oracle.com/security/entry/july_2015_critical_patch_update" }, { "title": "CVE-2014-3569", "trust": 0.8, "url": "https://security-tracker.debian.org/tracker/cve-2014-3569" }, { "title": "CVE-2014-3569", "trust": 0.8, "url": "http://people.canonical.com/~ubuntu-security/cve/2014/cve-2014-3569.html" }, { "title": "cisco-sa-20150310-ssl", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/112/1128/1128755_cisco-sa-20150310-ssl-j.html" }, { "title": "TLSA-2015-2", "trust": 0.8, "url": "http://www.turbolinux.co.jp/security/2015/tlsa-2015-2j.html" }, { "title": "\u682a\u5f0f\u4f1a\u793e\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc \u306e\u544a\u77e5\u30da\u30fc\u30b8", "trust": 0.8, "url": "http://buffalo.jp/support_s/s20150327b.html" }, { "title": "Red Hat: CVE-2014-3569", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-3569" }, { "title": "Debian Security Advisories: DSA-3125-1 openssl -- security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a3210fee56d96657bbff4ad44c3d0807" }, { "title": "Amazon Linux AMI: ALAS-2015-469", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2015-469" }, { "title": "Symantec Security Advisories: SA88 : OpenSSL Security Advisory 08-Jan-2015", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=9281dc3b1a760e1cf2711cdf82cf64d7" }, { "title": "Cisco: Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20150310-ssl" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - April 2015", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4b527561ba1a5de7a529c8a93679f585" }, { "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2016", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=ac5af5dd99788925425f5747ec672707" }, { "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2015", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=eaf98750f1130c39e83765575c69e165" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - October 2015", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=744c19dc9f4f70ad58059bf8733ec9c1" }, { "title": "Citrix Security Bulletins: Multiple Security Vulnerabilities in Citrix NetScaler Platform IPMI Lights Out Management (LOM) firmware", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=eb059834b7f24e2562bcf592b6d0afbc" }, { "title": "Splunk Security Announcements: Splunk response to January 2015 OpenSSL vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=splunk_security_announcements\u0026qid=21b119528a2fb8c78850a17027b71424" }, { "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2017", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a31bff03e9909229fd67996884614fdf" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - October 2017", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - July 2015", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=459961024c4bdce7bb3a1a40a65a6f2e" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - July 2016", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-3569" }, { "db": "JVNDB", "id": "JVNDB-2014-007389" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 }, { "problemtype": "CWE-Other", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-007389" }, { "db": "NVD", "id": "CVE-2014-3569" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.4, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150310-ssl" }, { "trust": 1.4, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "trust": 1.4, "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" }, { "trust": 1.4, "url": "https://support.citrix.com/article/ctx216642" }, { "trust": 1.4, "url": "https://www.openssl.org/news/secadv_20150108.txt" }, { "trust": 1.1, "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:019" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2" }, { "trust": 1.1, "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062" }, { "trust": 1.1, "url": "http://lists.apple.com/archives/security-announce/2015/apr/msg00001.html" }, { "trust": 1.1, "url": "https://support.apple.com/ht204659" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=144050297101809\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=144050254401665\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=142895206924048\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=144050205101530\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=142496179803395\u0026w=2" }, { "trust": 1.1, "url": "https://bto.bluecoat.com/security-advisory/sa88" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" }, { "trust": 1.1, "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10679" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1033378" }, { "trust": 1.1, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10108" }, { "trust": 1.1, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10102" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "trust": 1.1, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05158380" }, { "trust": 1.1, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05150888" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=142496289803847\u0026w=2" }, { "trust": 1.1, "url": "http://www.debian.org/security/2015/dsa-3125" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/71934" }, { "trust": 1.1, "url": "https://security-tracker.debian.org/tracker/cve-2014-3569" }, { "trust": 1.1, "url": "http://people.canonical.com/~ubuntu-security/cve/2014/cve-2014-3569.html" }, { "trust": 1.1, "url": "http://rt.openssl.org/ticket/display.html?id=3571\u0026user=guest\u0026pass=guest" }, { "trust": 1.1, "url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=b82924741b4bd590da890619be671f4635e46c2b" }, { "trust": 1.1, "url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=6ce9687b5aba5391fc0de50e18779eb676d0e04d" }, { "trust": 1.1, "url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=392fa7a952e97d82eac6958c81ed1e256e6b8ca5" }, { "trust": 1.0, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569" }, { "trust": 0.9, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3569" }, { "trust": 0.9, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205" }, { "trust": 0.8, "url": "http://jvn.jp/vu/jvnvu98974537/index.html" }, { "trust": 0.8, "url": "http://jvn.jp/vu/jvnvu91828320/index.html" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3569" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3571" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3572" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0204" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3570" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8275" }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0206" }, { "trust": 0.6, "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins" }, { "trust": 0.6, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286" }, { "trust": 0.4, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04765169" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0288" }, { "trust": 0.4, "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/" }, { "trust": 0.3, "url": "http://openssl.org/" }, { "trust": 0.3, "url": "http://www.splunk.com/view/sp-caaanu5#affectedproductsandcomponents" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699667" }, { "trust": 0.3, "url": "http://seclists.org/bugtraq/2015/feb/160" }, { "trust": 0.3, "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10679\u0026cat=sirt_1\u0026actp=list" }, { "trust": 0.3, "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04746490" }, { "trust": 0.3, "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04602055" }, { "trust": 0.3, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04765115" }, { "trust": 0.3, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04774019" }, { "trust": 0.3, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04774021" }, { "trust": 0.3, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05150888" }, { "trust": 0.3, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05158380" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883857" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699271" }, { "trust": 0.3, "url": "https://www.openssl.org/news/vulnerabilities.html" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963783" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098593" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903299" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005159" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700275" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699938" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005170" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097503" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903784" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902374" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097811" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902694" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697291" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903726" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097796" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005150" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009328" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959633" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022074" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21694849" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097360" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698506" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699069" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0207" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0287" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0289" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0285" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0208" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0293" }, { "trust": 0.2, "url": "http://www.debian.org/security/" }, { "trust": 0.2, "url": "http://www.hpe.com/support/security_bulletin_archive" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1790" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1788" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1792" }, { "trust": 0.2, "url": "http://www.hpe.com/support/subscriber_choice" }, { "trust": 0.2, "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05131085" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799" }, { "trust": 0.2, "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1789" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1791" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7501" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2017" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-6565" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3568" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3508" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3509" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3511" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0118" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8142" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0226" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0231" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3523" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9653" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9705" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0232" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9427" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0273" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0231" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9652" }, { "trust": 0.2, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2014-3569" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=38390" }, { "trust": 0.1, "url": "http://www.hp.com/swpublishing/mtx-c54de3da8602433283d55e7369" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0291" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1787" }, { "trust": 0.1, "url": "http://www.hp.com/swpublishing/mtx-676ddad17a06423589ee8889d0" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0290" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0292" }, { "trust": 0.1, "url": "http://www.hp.com/swpublishing/mtx-72d53359c85340f899e81986a7" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5432" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5433" }, { "trust": 0.1, "url": "http://www.debian.org/security/faq" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0289" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0209" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0195" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3566" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5298" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0287" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0286" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3513" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0224" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8275" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198" }, { "trust": 0.1, "url": "http://www.mandriva.com/en/support/security/" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3470" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0204" }, { "trust": 0.1, "url": "http://openssl.org/news/secadv_20150319.txt" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0198" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3570" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298" }, { "trust": 0.1, "url": "http://openssl.org/news/secadv_20150108.txt" }, { "trust": 0.1, "url": "http://www.mandriva.com/en/support/security/advisories/" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3571" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0221" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0076" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0288" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0206" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0205" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3567" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3572" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0293" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5409" }, { "trust": 0.1, "url": "http://h20566.www2.hpe.com/hpsc/doc/public/display?calledby=search_result\u0026doc" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5412" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5413" }, { "trust": 0.1, "url": "http://www.hp.com/swpublishing/mtx-20861d704bc04221a1518b7cb6" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5410" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5411" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7995" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-6750" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-8035" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3237" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2015" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0728" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7547" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_" }, { "trust": 0.1, "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05111017" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4969" }, { "trust": 0.1, "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05131044" }, { "trust": 0.1, "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05130958" }, { "trust": 0.1, "url": "http://www.hpe.com/info/insightcontrol" }, { "trust": 0.1, "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04746490\u0026la" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1692" }, { "trust": 0.1, "url": "http://www.hp.com/go/insightupdates" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0248" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-5107" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04762744" }, { "trust": 0.1, "url": "http://www.hp.com/go/smh" }, { "trust": 0.1, "url": "http://www.hpe.com/info/insightmanagement" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2019" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2020" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2018" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2022" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2027" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2026" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2021" }, { "trust": 0.1, "url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber" }, { "trust": 0.1, "url": "https://www.hp.com/go/swa" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-3569" }, { "db": "BID", "id": "71934" }, { "db": "JVNDB", "id": "JVNDB-2014-007389" }, { "db": "PACKETSTORM", "id": "133318" }, { "db": "PACKETSTORM", "id": "133317" }, { "db": "PACKETSTORM", "id": "129880" }, { "db": "PACKETSTORM", "id": "131044" }, { "db": "PACKETSTORM", "id": "133316" }, { "db": "PACKETSTORM", "id": "137292" }, { "db": "PACKETSTORM", "id": "133325" }, { "db": "PACKETSTORM", "id": "132763" }, { "db": "PACKETSTORM", "id": "137201" }, { "db": "PACKETSTORM", "id": "130545" }, { "db": "NVD", "id": "CVE-2014-3569" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2014-3569" }, { "db": "BID", "id": "71934" }, { "db": "JVNDB", "id": "JVNDB-2014-007389" }, { "db": "PACKETSTORM", "id": "133318" }, { "db": "PACKETSTORM", "id": "133317" }, { "db": "PACKETSTORM", "id": "129880" }, { "db": "PACKETSTORM", "id": "131044" }, { "db": "PACKETSTORM", "id": "133316" }, { "db": "PACKETSTORM", "id": "137292" }, { "db": "PACKETSTORM", "id": "133325" }, { "db": "PACKETSTORM", "id": "132763" }, { "db": "PACKETSTORM", "id": "137201" }, { "db": "PACKETSTORM", "id": "130545" }, { "db": "NVD", "id": "CVE-2014-3569" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-12-24T00:00:00", "db": "VULMON", "id": "CVE-2014-3569" }, { "date": "2014-10-17T00:00:00", "db": "BID", "id": "71934" }, { "date": "2014-12-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-007389" }, { "date": "2015-08-26T01:33:25", "db": "PACKETSTORM", "id": "133318" }, { "date": "2015-08-26T01:33:18", "db": "PACKETSTORM", "id": "133317" }, { "date": "2015-01-12T17:17:37", "db": "PACKETSTORM", "id": "129880" }, { "date": "2015-03-27T20:42:44", "db": "PACKETSTORM", "id": "131044" }, { "date": "2015-08-26T01:33:07", "db": "PACKETSTORM", "id": "133316" }, { "date": "2016-06-02T19:12:12", "db": "PACKETSTORM", "id": "137292" }, { "date": "2015-08-26T01:35:08", "db": "PACKETSTORM", "id": "133325" }, { "date": "2015-07-21T13:37:51", "db": "PACKETSTORM", "id": "132763" }, { "date": "2016-05-26T09:22:00", "db": "PACKETSTORM", "id": "137201" }, { "date": "2015-02-26T17:13:09", "db": "PACKETSTORM", "id": "130545" }, { "date": "2014-12-24T11:59:00.057000", "db": "NVD", "id": "CVE-2014-3569" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-11-07T00:00:00", "db": "VULMON", "id": "CVE-2014-3569" }, { "date": "2017-01-23T00:09:00", "db": "BID", "id": "71934" }, { "date": "2016-10-07T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-007389" }, { "date": "2023-11-07T02:20:13.593000", "db": "NVD", "id": "CVE-2014-3569" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "network", "sources": [ { "db": "BID", "id": "71934" } ], "trust": 0.3 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "OpenSSL of s23_srvr.c of ssl23_get_client_hello Service disruption in functions (DoS) Vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-007389" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Design Error", "sources": [ { "db": "BID", "id": "71934" } ], "trust": 0.3 } }
wid-sec-w-2023-2068
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "MySQL ist ein Open Source Datenbankserver von Oracle.\r\nDer MySQL Enterprise Monitor \u00fcberwacht kontinuierlich MySQL Anfragen und performaz relevante Server Werte.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle MySQL ausnutzen, um dadurch die Integrit\u00e4t, Vertraulichkeit und Verf\u00fcgbarkeit zu gef\u00e4hrden.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-2068 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2015/wid-sec-w-2023-2068.json" }, { "category": "self", "summary": "WID-SEC-2023-2068 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2068" }, { "category": "external", "summary": "F5 Security Advisory K17115 vom 2023-08-16", "url": "https://my.f5.com/manage/s/article/K17115" }, { "category": "external", "summary": "Debian Security Advisory DSA-3229-1 vom 2015-04-19", "url": "https://www.debian.org/security/2015/dsa-3229" }, { "category": "external", "summary": "Ubuntu Security Notice USN-2575-1 vom 2015-04-21", "url": "http://www.ubuntu.com/usn/usn-2575-1/" }, { "category": "external", "summary": "Oracle Critical Patch Update Advisory Appendix MSQL vom 2015-04-14", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL" }, { "category": "external", "summary": "Ubuntu MariaDB 10.0.18 Release NotesNotice USN-2575-1 vom 2015-04-21 vom 2015-05-21", "url": "https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2015:0946-1 vom 2015-05-26", "url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150946-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2015:0946-1 vom 2015-05-26", "url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150946-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2015:0946-1 vom 2015-05-26", "url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150946-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2015:0946-1 vom 2015-05-26", "url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150946-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2015:0946-1 vom 2015-05-26", "url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150946-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2015:0946-1 vom 2015-05-26", "url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150946-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2015:0946-1 vom 2015-05-26", "url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150946-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2015:0946-1 vom 2015-05-26", "url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150946-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2015:1273-1 vom 2015-07-21", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00036.html" }, { "category": "external", "summary": "Debian Security Advisory DSA-3311 vom 2015-07-20", "url": "https://www.debian.org/security/2015/dsa-3311" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2015:1629-1 vom 2015-08-17", "url": "http://rhn.redhat.com/errata/RHSA-2015-1629.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2015:1628-1 vom 2015-08-17", "url": "http://rhn.redhat.com/errata/RHSA-2015-1628.html" }, { "category": "external", "summary": "CESA-2015:1628 Moderate CentOS 5 mysql55-mysql Security Update vom 2015-08-17", "url": "http://lists.centos.org/pipermail/centos-announce/2015-August/021331.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2015:1647 vom 2015-08-20", "url": "https://rhn.redhat.com/errata/RHSA-2015-1647.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2015:1665-1 vom 2015-08-24", "url": "https://rhn.redhat.com/errata/RHSA-2015-1665.html" }, { "category": "external", "summary": "CentOS Errata and Security Advisory 2015:1665 vom 2015-08-25", "url": "http://lists.centos.org/pipermail/centos-announce/2015-August/021345.html" }, { "category": "external", "summary": "Juniper Security Advisory JSA10698", "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698" }, { "category": "external", "summary": "F5 Security Advisory SOL17115 vom 2015-10-19", "url": "https://support.f5.com/kb/en-us/solutions/public/17000/100/sol17115.html" }, { "category": "external", "summary": "Debian Security Advisory DSA-3621 vom 2016-07-19", "url": "https://www.debian.org/security/2016/dsa-3621" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2016:2259-1 vom 2016-09-08", "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162259-1.html" } ], "source_lang": "en-US", "title": "Oracle MySQL: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-08-15T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:40:36.570+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-2068", "initial_release_date": "2015-04-14T22:00:00.000+00:00", "revision_history": [ { "date": "2015-04-14T22:00:00.000+00:00", "number": "1", "summary": "Initial Release" }, { "date": "2015-04-14T22:00:00.000+00:00", "number": "2", "summary": "Version nicht vorhanden" }, { "date": "2015-04-19T22:00:00.000+00:00", "number": "3", "summary": "New remediations available" }, { "date": "2015-04-21T22:00:00.000+00:00", "number": "4", "summary": "New remediations available" }, { "date": "2015-04-21T22:00:00.000+00:00", "number": "5", "summary": "Version nicht vorhanden" }, { "date": "2015-05-26T22:00:00.000+00:00", "number": "6", "summary": "New remediations available" }, { "date": "2015-05-26T22:00:00.000+00:00", "number": "7", "summary": "Version nicht vorhanden" }, { "date": "2015-07-19T22:00:00.000+00:00", "number": "8", "summary": "New remediations available" }, { "date": "2015-07-19T22:00:00.000+00:00", "number": "9", "summary": "Version nicht vorhanden" }, { "date": "2015-07-21T22:00:00.000+00:00", "number": "10", "summary": "New remediations available" }, { "date": "2015-08-17T22:00:00.000+00:00", "number": "11", "summary": "New remediations available" }, { "date": "2015-08-17T22:00:00.000+00:00", "number": "12", "summary": "Version nicht vorhanden" }, { "date": "2015-08-18T22:00:00.000+00:00", "number": "13", "summary": "New remediations available" }, { "date": "2015-08-18T22:00:00.000+00:00", "number": "14", "summary": "Version nicht vorhanden" }, { "date": "2015-08-18T22:00:00.000+00:00", "number": "15", "summary": "Version nicht vorhanden" }, { "date": "2015-08-24T22:00:00.000+00:00", "number": "16", "summary": "New remediations available" }, { "date": "2015-08-24T22:00:00.000+00:00", "number": "17", "summary": "Version nicht vorhanden" }, { "date": "2015-08-25T22:00:00.000+00:00", "number": "18", "summary": "New remediations available" }, { "date": "2015-08-25T22:00:00.000+00:00", "number": "19", "summary": "Version nicht vorhanden" }, { "date": "2015-10-14T22:00:00.000+00:00", "number": "20", "summary": "New remediations available" }, { "date": "2015-10-14T22:00:00.000+00:00", "number": "21", "summary": "Version nicht vorhanden" }, { "date": "2015-10-19T22:00:00.000+00:00", "number": "22", "summary": "New remediations available" }, { "date": "2015-10-19T22:00:00.000+00:00", "number": "23", "summary": "Version nicht vorhanden" }, { "date": "2016-07-18T22:00:00.000+00:00", "number": "24", "summary": "New remediations available" }, { "date": "2016-09-07T22:00:00.000+00:00", "number": "25", "summary": "New remediations available" }, { "date": "2023-08-15T22:00:00.000+00:00", "number": "26", "summary": "Neue Updates von F5 aufgenommen" } ], "status": "final", "version": "26" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Debian Linux", "product": { "name": "Debian Linux", "product_id": "2951", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:-" } } } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP \u003c 14.0.0", "product": { "name": "F5 BIG-IP \u003c 14.0.0", "product_id": "T023087", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip:14.0.0" } } } ], "category": "vendor", "name": "F5" }, { "branches": [ { "category": "product_name", "name": "Juniper Junos Space", "product": { "name": "Juniper Junos Space", "product_id": "T003343", "product_identification_helper": { "cpe": "cpe:/a:juniper:junos_space:-" } } } ], "category": "vendor", "name": "Juniper" }, { "branches": [ { "category": "product_name", "name": "MariaDB MariaDB \u003c 10.0.18", "product": { "name": "MariaDB MariaDB \u003c 10.0.18", "product_id": "T005086", "product_identification_helper": { "cpe": "cpe:/a:mariadb:mariadb:10.0.18" } } } ], "category": "vendor", "name": "MariaDB" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Open Source CentOS 5", "product": { "name": "Open Source CentOS 5", "product_id": "122559", "product_identification_helper": { "cpe": "cpe:/o:centos:centos:5" } } }, { "category": "product_name", "name": "Open Source CentOS 7", "product": { "name": "Open Source CentOS 7", "product_id": "T003633", "product_identification_helper": { "cpe": "cpe:/o:centos:centos:7" } } } ], "category": "product_name", "name": "CentOS" } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Oracle MySQL \u003c= 5.6.23", "product": { "name": "Oracle MySQL \u003c= 5.6.23", "product_id": "T004467", "product_identification_helper": { "cpe": "cpe:/a:oracle:mysql:5.6.23" } } }, { "category": "product_name", "name": "Oracle MySQL \u003c= 5.1.34", "product": { "name": "Oracle MySQL \u003c= 5.1.34", "product_id": "T004850", "product_identification_helper": { "cpe": "cpe:/a:oracle:mysql:5.1.34" } } }, { "category": "product_name", "name": "Oracle MySQL \u003c= 5.5.41", "product": { "name": "Oracle MySQL \u003c= 5.5.41", "product_id": "T004851", "product_identification_helper": { "cpe": "cpe:/a:oracle:mysql:5.5.41" } } }, { "category": "product_name", "name": "Oracle MySQL \u003c= 5.5.42", "product": { "name": "Oracle MySQL \u003c= 5.5.42", "product_id": "T004852", "product_identification_helper": { "cpe": "cpe:/a:oracle:mysql:5.5.42" } } }, { "category": "product_name", "name": "Oracle MySQL \u003c= 5.6.22", "product": { "name": "Oracle MySQL \u003c= 5.6.22", "product_id": "T004857", "product_identification_helper": { "cpe": "cpe:/a:oracle:mysql:5.6.22" } } } ], "category": "product_name", "name": "MySQL" } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux 6", "product": { "name": "Red Hat Enterprise Linux 6", "product_id": "120737", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux 5", "product": { "name": "Red Hat Enterprise Linux 5", "product_id": "T000179", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:5" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux 7", "product": { "name": "Red Hat Enterprise Linux 7", "product_id": "T003303", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server 7", "product": { "name": "Red Hat Enterprise Linux Server 7", "product_id": "T003550", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } } ], "category": "product_name", "name": "Enterprise Linux" } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "F5 BIG-IP Access Policy Manager 10.1.0 - 10.2.4", "product": { "name": "F5 BIG-IP Access Policy Manager 10.1.0 - 10.2.4", "product_id": "199182", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_access_policy_manager:10.2.4" } } }, { "category": "product_name", "name": "F5 BIG-IP Access Policy Manager 11.0.0 - 11.6.0", "product": { "name": "F5 BIG-IP Access Policy Manager 11.0.0 - 11.6.0", "product_id": "307369", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_access_policy_manager:11.6.0" } } }, { "category": "product_name", "name": "F5 BIG-IP Access Policy Manager 12.0.0", "product": { "name": "F5 BIG-IP Access Policy Manager 12.0.0", "product_id": "T005931", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_access_policy_manager:12.0.0" } } } ], "category": "product_name", "name": "big-ip_access_policy_manager" }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP Analytics 11.0.0 - 11.6.0", "product": { "name": "F5 BIG-IP Analytics 11.0.0 - 11.6.0", "product_id": "T003683", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_analytics:11.6.0" } } }, { "category": "product_name", "name": "F5 BIG-IP Analytics 12.0.0", "product": { "name": "F5 BIG-IP Analytics 12.0.0", "product_id": "T005928", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_analytics:12.0.0" } } } ], "category": "product_name", "name": "big-ip_analytics" }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP Application Security Manager 10.1.0 - 10.2.4", "product": { "name": "F5 BIG-IP Application Security Manager 10.1.0 - 10.2.4", "product_id": "T000548", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_application_security_manager:10.2.4" } } }, { "category": "product_name", "name": "F5 BIG-IP Application Security Manager 11.0.0 - 11.6.0", "product": { "name": "F5 BIG-IP Application Security Manager 11.0.0 - 11.6.0", "product_id": "T003684", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_application_security_manager:11.6.0" } } }, { "category": "product_name", "name": "F5 BIG-IP Application Security Manager 12.0.0", "product": { "name": "F5 BIG-IP Application Security Manager 12.0.0", "product_id": "T005932", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_application_security_manager:12.0.0" } } } ], "category": "product_name", "name": "big-ip_application_security_manager" }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP Edge Gateway 10.1.0 - 10.2.4", "product": { "name": "F5 BIG-IP Edge Gateway 10.1.0 - 10.2.4", "product_id": "241405", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_edge_gateway:10.2.4" } } }, { "category": "product_name", "name": "F5 BIG-IP Edge Gateway 11.0.0 - 11.3.0", "product": { "name": "F5 BIG-IP Edge Gateway 11.0.0 - 11.3.0", "product_id": "269856", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_edge_gateway:11.3.0" } } } ], "category": "product_name", "name": "big-ip_edge_gateway" }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP Global Traffic Manager 10.1.0 - 10.2.4", "product": { "name": "F5 BIG-IP Global Traffic Manager 10.1.0 - 10.2.4", "product_id": "T000523", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_global_traffic_manager:10.2.4" } } }, { "category": "product_name", "name": "F5 BIG-IP Global Traffic Manager 11.0.0 - 11.6.0", "product": { "name": "F5 BIG-IP Global Traffic Manager 11.0.0 - 11.6.0", "product_id": "T003686", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_global_traffic_manager:11.6.0" } } } ], "category": "product_name", "name": "big-ip_global_traffic_manager" }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP Link Controller 10.1.0 - 10.2.4", "product": { "name": "F5 BIG-IP Link Controller 10.1.0 - 10.2.4", "product_id": "T000541", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_link_controller:10.2.4" } } }, { "category": "product_name", "name": "F5 BIG-IP Link Controller 11.0.0 - 11.6.0", "product": { "name": "F5 BIG-IP Link Controller 11.0.0 - 11.6.0", "product_id": "T003687", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_link_controller:11.6.0" } } }, { "category": "product_name", "name": "F5 BIG-IP Link Controller 12.0.0", "product": { "name": "F5 BIG-IP Link Controller 12.0.0", "product_id": "T005938", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_link_controller:12.0.0" } } } ], "category": "product_name", "name": "big-ip_link_controller" }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP Local Traffic Manager 10.1.0 - 10.2.4", "product": { "name": "F5 BIG-IP Local Traffic Manager 10.1.0 - 10.2.4", "product_id": "T003382", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_local_traffic_manager:10.2.4" } } }, { "category": "product_name", "name": "F5 BIG-IP Local Traffic Manager 11.0.0 - 11.6.0", "product": { "name": "F5 BIG-IP Local Traffic Manager 11.0.0 - 11.6.0", "product_id": "T003681", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_local_traffic_manager:11.6.0" } } }, { "category": "product_name", "name": "F5 BIG-IP Local Traffic Manager 12.0.0", "product": { "name": "F5 BIG-IP Local Traffic Manager 12.0.0", "product_id": "T005927", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_local_traffic_manager:12.0.0" } } } ], "category": "product_name", "name": "big-ip_local_traffic_manager" }, { "branches": [ { "category": "product_name", "name": "F5 WAN Optimization Manager 11.0.0 - 11.3.0", "product": { "name": "F5 WAN Optimization Manager 11.0.0 - 11.3.0", "product_id": "269868", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_wan_optimization_manager:11.3.0" } } }, { "category": "product_name", "name": "F5 WAN Optimization Manager 10.1.0 - 10.2.4", "product": { "name": "F5 WAN Optimization Manager 10.1.0 - 10.2.4", "product_id": "T000535", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_wan_optimization_manager:10.2.4" } } } ], "category": "product_name", "name": "big-ip_wan_optimization_manager" }, { "branches": [ { "category": "product_name", "name": "F5 WebAccelerator 10.1.0 - 10.2.4", "product": { "name": "F5 WebAccelerator 10.1.0 - 10.2.4", "product_id": "T001411", "product_identification_helper": { "cpe": "cpe:/h:f5:big-ip_webaccelerator:10.2.4" } } }, { "category": "product_name", "name": "F5 WebAccelerator 11.0.0 - 11.3.0", "product": { "name": "F5 WebAccelerator 11.0.0 - 11.3.0", "product_id": "T001412", "product_identification_helper": { "cpe": "cpe:/h:f5:big-ip_webaccelerator:11.3.0" } } } ], "category": "product_name", "name": "big-ip_webaccelerator" }, { "category": "product_name", "name": "F5 Enterprise Manager 3.0.0 - 3.1.1", "product": { "name": "F5 Enterprise Manager 3.0.0 - 3.1.1", "product_id": "269870", "product_identification_helper": { "cpe": "cpe:/a:f5:enterprise_manager:3.1.1" } } }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP Protocol Security Manager 10.1.0 - 10.2.4", "product": { "name": "F5 BIG-IP Protocol Security Manager 10.1.0 - 10.2.4", "product_id": "T001410", "product_identification_helper": { "cpe": "cpe:/a:f5:protocol_security_manager:10.2.4" } } }, { "category": "product_name", "name": "F5 BIG-IP Protocol Security Manager 11.0.0 - 11.4.1", "product": { "name": "F5 BIG-IP Protocol Security Manager 11.0.0 - 11.4.1", "product_id": "T003110", "product_identification_helper": { "cpe": "cpe:/a:f5:protocol_security_manager:11.4.1" } } } ], "category": "product_name", "name": "protocol_security_manager" } ], "category": "vendor", "name": "f5" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Oracle MySQL Enterprise Monitor \u003c= 3.0.10", "product": { "name": "Oracle MySQL Enterprise Monitor \u003c= 3.0.10", "product_id": "T004853", "product_identification_helper": { "cpe": "cpe:/a:oracle:mysql_enterprise_monitor:3.0.10" } } }, { "category": "product_name", "name": "Oracle MySQL Enterprise Monitor \u003c= 3.0.18", "product": { "name": "Oracle MySQL Enterprise Monitor \u003c= 3.0.18", "product_id": "T004854", "product_identification_helper": { "cpe": "cpe:/a:oracle:mysql_enterprise_monitor:3.0.18" } } }, { "category": "product_name", "name": "Oracle MySQL Enterprise Monitor \u003c= 2.3.16", "product": { "name": "Oracle MySQL Enterprise Monitor \u003c= 2.3.16", "product_id": "T004855", "product_identification_helper": { "cpe": "cpe:/a:oracle:mysql_enterprise_monitor:2.3.16" } } }, { "category": "product_name", "name": "Oracle MySQL Enterprise Monitor \u003c= 2.3.19", "product": { "name": "Oracle MySQL Enterprise Monitor \u003c= 2.3.19", "product_id": "T004856", "product_identification_helper": { "cpe": "cpe:/a:oracle:mysql_enterprise_monitor:2.3.19" } } } ], "category": "product_name", "name": "mysql_enterprise_monitor" } ], "category": "vendor", "name": "oracle" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop 5", "product": { "name": "Red Hat Enterprise Linux Desktop 5", "product_id": "T000180", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux_desktop:5" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop 7", "product": { "name": "Red Hat Enterprise Linux Desktop 7", "product_id": "T003551", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux_desktop:7::desktop" } } } ], "category": "product_name", "name": "enterprise_linux_desktop" }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node 7", "product": { "name": "Red Hat Enterprise Linux HPC Node 7", "product_id": "T003549", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux_hpc_node:7" } } }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation 5", "product": { "name": "Red Hat Enterprise Linux Workstation 5", "product_id": "T000622", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux_workstation:5" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation 7", "product": { "name": "Red Hat Enterprise Linux Workstation 7", "product_id": "T003565", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux_workstation:7" } } } ], "category": "product_name", "name": "enterprise_linux_workstation" } ], "category": "vendor", "name": "redhat" } ] }, "vulnerabilities": [ { "cve": "CVE-2014-0112", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2014-0112" }, { "cve": "CVE-2014-3569", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2014-3569" }, { "cve": "CVE-2014-7809", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2014-7809" }, { "cve": "CVE-2015-0405", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-0405" }, { "cve": "CVE-2015-0423", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-0423" }, { "cve": "CVE-2015-0433", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-0433" }, { "cve": "CVE-2015-0438", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-0438" }, { "cve": "CVE-2015-0439", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-0439" }, { "cve": "CVE-2015-0441", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-0441" }, { "cve": "CVE-2015-0498", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-0498" }, { "cve": "CVE-2015-0499", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-0499" }, { "cve": "CVE-2015-0500", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-0500" }, { "cve": "CVE-2015-0501", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-0501" }, { "cve": "CVE-2015-0503", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-0503" }, { "cve": "CVE-2015-0505", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-0505" }, { "cve": "CVE-2015-0506", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-0506" }, { "cve": "CVE-2015-0507", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-0507" }, { "cve": "CVE-2015-0508", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-0508" }, { "cve": "CVE-2015-0511", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-0511" }, { "cve": "CVE-2015-2566", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-2566" }, { "cve": "CVE-2015-2567", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-2567" }, { "cve": "CVE-2015-2568", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-2568" }, { "cve": "CVE-2015-2571", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-2571" }, { "cve": "CVE-2015-2573", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-2573" }, { "cve": "CVE-2015-2575", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-2575" }, { "cve": "CVE-2015-2576", "notes": [ { "category": "description", "text": "In verschiedenen Komponenten von Oracle MySQL existieren insgesamt 26 nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"Complete\" f\u00fcr \"Integrity\", \"Availability\" und \"Confidentiality\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T003343", "269868", "T003303", "T003549", "T005927", "T005928", "269870", "T005086", "T003382", "T000180", "269856", "T004467", "T000548", "2951", "T002207", "T000622", "120737", "T000541", "307369", "122559", "T023087", "T003681", "T003683", "T003684", "T004850", "T004851", "T003565", "T003686", "T004852", "T003687", "T004853", "T004854", "T004855", "T004856", "T004857", "T000535", "T000179", "199182", "T003110", "T003550", "T003551", "T005932", "T003633", "T005931", "241405", "T005938", "T000523", "T001412", "T001411", "T001410" ] }, "release_date": "2015-04-14T22:00:00Z", "title": "CVE-2015-2576" } ] }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.