Vulnerability-Lookup

CVE-2018-0739 (GCVE-0-2018-0739)

Vulnerability from cvelistv5 – Published: 2018-03-27 21:00 – Updated: 2024-09-16 22:35

Title

Constructed ASN.1 types with a recursive definition could exceed the stack

Summary

Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n).

Severity

No CVSS data available.

CWE

Stack overflow

Assigner

openssl

References

34 references

URL	Tags
https://usn.ubuntu.com/3611-2/	vendor-advisoryx_refsource_UBUNTU
https://www.debian.org/security/2018/dsa-4158	vendor-advisoryx_refsource_DEBIAN
https://security.gentoo.org/glsa/201811-21	vendor-advisoryx_refsource_GENTOO
https://access.redhat.com/errata/RHSA-2019:0367	vendor-advisoryx_refsource_REDHAT
https://www.debian.org/security/2018/dsa-4157	vendor-advisoryx_refsource_DEBIAN
https://access.redhat.com/errata/RHSA-2018:3505	vendor-advisoryx_refsource_REDHAT
http://www.securityfocus.com/bid/103518	vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1040576	vdb-entryx_refsource_SECTRACK
https://access.redhat.com/errata/RHSA-2018:3221	vendor-advisoryx_refsource_REDHAT
http://www.securityfocus.com/bid/105609	vdb-entryx_refsource_BID
https://usn.ubuntu.com/3611-1/	vendor-advisoryx_refsource_UBUNTU
https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST
https://access.redhat.com/errata/RHSA-2019:0366	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3090	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:1711	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:1712	vendor-advisoryx_refsource_REDHAT
http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
https://www.oracle.com/technetwork/security-advis…	x_refsource_CONFIRM
https://www.oracle.com/technetwork/security-advis…	x_refsource_MISC
https://www.oracle.com/technetwork/security-advis…	x_refsource_MISC
https://security.netapp.com/advisory/ntap-2018072…	x_refsource_CONFIRM
https://security.gentoo.org/glsa/202007-53	vendor-advisoryx_refsource_GENTOO
https://securityadvisories.paloaltonetworks.com/H…	x_refsource_CONFIRM
https://www.oracle.com//security-alerts/cpujul2021.html	x_refsource_MISC
https://www.tenable.com/security/tns-2018-07	x_refsource_CONFIRM
https://www.tenable.com/security/tns-2018-04	x_refsource_CONFIRM
https://nodejs.org/en/blog/vulnerability/march-20…	x_refsource_CONFIRM
https://git.openssl.org/gitweb/?p=openssl.git%3Ba…	x_refsource_CONFIRM
https://git.openssl.org/gitweb/?p=openssl.git%3Ba…	x_refsource_CONFIRM
https://www.tenable.com/security/tns-2018-06	x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-2018033…	x_refsource_CONFIRM
https://www.openssl.org/news/secadv/20180327.txt	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
OpenSSL	OpenSSL	Affected: Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g) Affected: Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n)

Date Public

2018-03-27 00:00

Credits

OSS-fuzz

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:35:49.367Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3611-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3611-2/"
          },
          {
            "name": "DSA-4158",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4158"
          },
          {
            "name": "GLSA-201811-21",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201811-21"
          },
          {
            "name": "RHSA-2019:0367",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:0367"
          },
          {
            "name": "DSA-4157",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4157"
          },
          {
            "name": "RHSA-2018:3505",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3505"
          },
          {
            "name": "103518",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103518"
          },
          {
            "name": "1040576",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040576"
          },
          {
            "name": "RHSA-2018:3221",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3221"
          },
          {
            "name": "105609",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105609"
          },
          {
            "name": "USN-3611-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3611-1/"
          },
          {
            "name": "[debian-lts-announce] 20180330 [SECURITY] [DLA 1330-1] openssl security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00033.html"
          },
          {
            "name": "RHSA-2019:0366",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:0366"
          },
          {
            "name": "RHSA-2018:3090",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3090"
          },
          {
            "name": "RHSA-2019:1711",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1711"
          },
          {
            "name": "RHSA-2019:1712",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1712"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20180726-0002/"
          },
          {
            "name": "GLSA-202007-53",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202007-53"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2018-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2018-04"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9310d45087ae546e27e61ddf8f6367f29848220d"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2018-06"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20180330-0002/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.openssl.org/news/secadv/20180327.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g)"
            },
            {
              "status": "affected",
              "version": "Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n)"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "OSS-fuzz"
        }
      ],
      "datePublic": "2018-03-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n)."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "lang": "eng",
              "url": "https://www.openssl.org/policies/secpolicy.html#Moderate",
              "value": "Moderate"
            },
            "type": "unknown"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Stack overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-20T22:53:11.000Z",
        "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "shortName": "openssl"
      },
      "references": [
        {
          "name": "USN-3611-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3611-2/"
        },
        {
          "name": "DSA-4158",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4158"
        },
        {
          "name": "GLSA-201811-21",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201811-21"
        },
        {
          "name": "RHSA-2019:0367",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:0367"
        },
        {
          "name": "DSA-4157",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4157"
        },
        {
          "name": "RHSA-2018:3505",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3505"
        },
        {
          "name": "103518",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103518"
        },
        {
          "name": "1040576",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040576"
        },
        {
          "name": "RHSA-2018:3221",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3221"
        },
        {
          "name": "105609",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105609"
        },
        {
          "name": "USN-3611-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3611-1/"
        },
        {
          "name": "[debian-lts-announce] 20180330 [SECURITY] [DLA 1330-1] openssl security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00033.html"
        },
        {
          "name": "RHSA-2019:0366",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:0366"
        },
        {
          "name": "RHSA-2018:3090",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3090"
        },
        {
          "name": "RHSA-2019:1711",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1711"
        },
        {
          "name": "RHSA-2019:1712",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1712"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20180726-0002/"
        },
        {
          "name": "GLSA-202007-53",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202007-53"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.tenable.com/security/tns-2018-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.tenable.com/security/tns-2018-04"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9310d45087ae546e27e61ddf8f6367f29848220d"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.tenable.com/security/tns-2018-06"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20180330-0002/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.openssl.org/news/secadv/20180327.txt"
        }
      ],
      "title": "Constructed ASN.1 types with a recursive definition could exceed the stack",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "openssl-security@openssl.org",
          "DATE_PUBLIC": "2018-03-27",
          "ID": "CVE-2018-0739",
          "STATE": "PUBLIC",
          "TITLE": "Constructed ASN.1 types with a recursive definition could exceed the stack"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "OpenSSL",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g)"
                          },
                          {
                            "version_value": "Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "OpenSSL"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "OSS-fuzz"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n)."
            }
          ]
        },
        "impact": [
          {
            "lang": "eng",
            "url": "https://www.openssl.org/policies/secpolicy.html#Moderate",
            "value": "Moderate"
          }
        ],
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Stack overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3611-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3611-2/"
            },
            {
              "name": "DSA-4158",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4158"
            },
            {
              "name": "GLSA-201811-21",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201811-21"
            },
            {
              "name": "RHSA-2019:0367",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:0367"
            },
            {
              "name": "DSA-4157",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4157"
            },
            {
              "name": "RHSA-2018:3505",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3505"
            },
            {
              "name": "103518",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103518"
            },
            {
              "name": "1040576",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040576"
            },
            {
              "name": "RHSA-2018:3221",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3221"
            },
            {
              "name": "105609",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105609"
            },
            {
              "name": "USN-3611-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3611-1/"
            },
            {
              "name": "[debian-lts-announce] 20180330 [SECURITY] [DLA 1330-1] openssl security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00033.html"
            },
            {
              "name": "RHSA-2019:0366",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:0366"
            },
            {
              "name": "RHSA-2018:3090",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3090"
            },
            {
              "name": "RHSA-2019:1711",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1711"
            },
            {
              "name": "RHSA-2019:1712",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1712"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
            },
            {
              "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
              "refsource": "CONFIRM",
              "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
            },
            {
              "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
            },
            {
              "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20180726-0002/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20180726-0002/"
            },
            {
              "name": "GLSA-202007-53",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202007-53"
            },
            {
              "name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133",
              "refsource": "CONFIRM",
              "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133"
            },
            {
              "name": "https://www.oracle.com//security-alerts/cpujul2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
            },
            {
              "name": "https://www.tenable.com/security/tns-2018-07",
              "refsource": "CONFIRM",
              "url": "https://www.tenable.com/security/tns-2018-07"
            },
            {
              "name": "https://www.tenable.com/security/tns-2018-04",
              "refsource": "CONFIRM",
              "url": "https://www.tenable.com/security/tns-2018-04"
            },
            {
              "name": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/",
              "refsource": "CONFIRM",
              "url": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/"
            },
            {
              "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33",
              "refsource": "CONFIRM",
              "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33"
            },
            {
              "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9310d45087ae546e27e61ddf8f6367f29848220d",
              "refsource": "CONFIRM",
              "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9310d45087ae546e27e61ddf8f6367f29848220d"
            },
            {
              "name": "https://www.tenable.com/security/tns-2018-06",
              "refsource": "CONFIRM",
              "url": "https://www.tenable.com/security/tns-2018-06"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20180330-0002/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20180330-0002/"
            },
            {
              "name": "https://www.openssl.org/news/secadv/20180327.txt",
              "refsource": "CONFIRM",
              "url": "https://www.openssl.org/news/secadv/20180327.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
    "assignerShortName": "openssl",
    "cveId": "CVE-2018-0739",
    "datePublished": "2018-03-27T21:00:00.000Z",
    "dateReserved": "2017-11-30T00:00:00.000Z",
    "dateUpdated": "2024-09-16T22:35:29.998Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2018-0739",
      "date": "2026-05-28",
      "epss": "0.14445",
      "percentile": "0.9453"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.0.2b\", \"versionEndIncluding\": \"1.0.2n\", \"matchCriteriaId\": \"FFF63A06-9A8B-4280-A52D-4280136908CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.1.0\", \"versionEndIncluding\": \"1.1.0g\", \"matchCriteriaId\": \"322768B5-2E14-40B9-A784-8981F4376E13\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"B5A6F2F3-4894-4392-8296-3B8DD2679084\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9070C9D8-A14A-467F-8253-33B966C16886\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16F59A04-14CF-49E2-9973-645477EA09DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n).\"}, {\"lang\": \"es\", \"value\": \"Los tipos constructed ASN.1 con una definici\\u00f3n recursiva (como la que podemos encontrar en PKCS7) podr\\u00edan acabar excediendo la pila debido a entradas maliciosas con recursi\\u00f3n excesiva. Esto podr\\u00eda dar como resultado un ataque de denegaci\\u00f3n de servicio (DoS). No hay estructuras de este tipo empleadas en SSL/TLS que provengan de fuentes no fiables, por lo que se consideran seguras. Solucionado en OpenSSL 1.1.0h (versiones 1.1.0-1.1.0g afectadas). Solucionado en OpenSSL 1.0.2o (versiones 1.0.2b-1.0.2n afectadas).\"}]",
      "id": "CVE-2018-0739",
      "lastModified": "2024-11-21T03:38:50.910",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:P\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2018-03-27T21:29:00.673",
      "references": "[{\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\", \"source\": \"openssl-security@openssl.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"http://www.securityfocus.com/bid/103518\", \"source\": \"openssl-security@openssl.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/105609\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"http://www.securitytracker.com/id/1040576\", \"source\": \"openssl-security@openssl.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3090\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3221\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3505\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:0366\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:0367\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1711\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1712\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9310d45087ae546e27e61ddf8f6367f29848220d\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/03/msg00033.html\", \"source\": \"openssl-security@openssl.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://security.gentoo.org/glsa/201811-21\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://security.gentoo.org/glsa/202007-53\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180330-0002/\", \"source\": \"openssl-security@openssl.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180726-0002/\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://securityadvisories.paloaltonetworks.com/Home/Detail/133\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://usn.ubuntu.com/3611-1/\", \"source\": \"openssl-security@openssl.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3611-2/\", \"source\": \"openssl-security@openssl.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4157\", \"source\": \"openssl-security@openssl.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4158\", \"source\": \"openssl-security@openssl.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.openssl.org/news/secadv/20180327.txt\", \"source\": \"openssl-security@openssl.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.oracle.com//security-alerts/cpujul2021.html\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://www.tenable.com/security/tns-2018-04\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://www.tenable.com/security/tns-2018-06\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://www.tenable.com/security/tns-2018-07\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/103518\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/105609\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1040576\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3090\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3221\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3505\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:0366\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:0367\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1711\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1712\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9310d45087ae546e27e61ddf8f6367f29848220d\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/03/msg00033.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.gentoo.org/glsa/201811-21\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.gentoo.org/glsa/202007-53\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180330-0002/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180726-0002/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://securityadvisories.paloaltonetworks.com/Home/Detail/133\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://usn.ubuntu.com/3611-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3611-2/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4157\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4158\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.openssl.org/news/secadv/20180327.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.oracle.com//security-alerts/cpujul2021.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.tenable.com/security/tns-2018-04\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.tenable.com/security/tns-2018-06\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.tenable.com/security/tns-2018-07\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "openssl-security@openssl.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-674\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-0739\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2018-03-27T21:29:00.673\",\"lastModified\":\"2024-11-21T03:38:50.910\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n).\"},{\"lang\":\"es\",\"value\":\"Los tipos constructed ASN.1 con una definici\u00f3n recursiva (como la que podemos encontrar en PKCS7) podr\u00edan acabar excediendo la pila debido a entradas maliciosas con recursi\u00f3n excesiva. Esto podr\u00eda dar como resultado un ataque de denegaci\u00f3n de servicio (DoS). No hay estructuras de este tipo empleadas en SSL/TLS que provengan de fuentes no fiables, por lo que se consideran seguras. Solucionado en OpenSSL 1.1.0h (versiones 1.1.0-1.1.0g afectadas). Solucionado en OpenSSL 1.0.2o (versiones 1.0.2b-1.0.2n afectadas).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-674\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.2b\",\"versionEndIncluding\":\"1.0.2n\",\"matchCriteriaId\":\"FFF63A06-9A8B-4280-A52D-4280136908CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.1.0\",\"versionEndIncluding\":\"1.1.0g\",\"matchCriteriaId\":\"322768B5-2E14-40B9-A784-8981F4376E13\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9070C9D8-A14A-467F-8253-33B966C16886\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}],\"references\":[{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"http://www.securityfocus.com/bid/103518\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/105609\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"http://www.securitytracker.com/id/1040576\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3090\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3221\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3505\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0366\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0367\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1711\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1712\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9310d45087ae546e27e61ddf8f6367f29848220d\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/03/msg00033.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://security.gentoo.org/glsa/201811-21\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://security.gentoo.org/glsa/202007-53\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20180330-0002/\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180726-0002/\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://securityadvisories.paloaltonetworks.com/Home/Detail/133\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://usn.ubuntu.com/3611-1/\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3611-2/\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4157\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4158\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openssl.org/news/secadv/20180327.txt\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.tenable.com/security/tns-2018-04\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.tenable.com/security/tns-2018-06\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.tenable.com/security/tns-2018-07\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/103518\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/105609\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1040576\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3090\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3221\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3505\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0366\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0367\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1711\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1712\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9310d45087ae546e27e61ddf8f6367f29848220d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/03/msg00033.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201811-21\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202007-53\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20180330-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180726-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://securityadvisories.paloaltonetworks.com/Home/Detail/133\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/3611-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3611-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4157\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4158\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openssl.org/news/secadv/20180327.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.tenable.com/security/tns-2018-04\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.tenable.com/security/tns-2018-06\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.tenable.com/security/tns-2018-07\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

WID-SEC-W-2023-1969

Vulnerability from csaf_certbund - Published: 2023-08-06 22:00 - Updated: 2023-08-06 22:00

Summary

HPE Fabric OS: Mehrere Schwachstellen ermöglichen Privilegieneskalation

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Fabric OS (FOS) ist ein Betriebssystem für FibreChannel Switches.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in HPE Fabric OS für HPE Fibre Channel und SAN Switches ausnutzen, um seine Privilegien zu erhöhen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.

Betroffene Betriebssysteme: - BIOS/Firmware - Hardware Appliance

CVE-2023-31928

In HPE Fabric OS für HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuführen.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2023-31927

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2023-31926

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2023-31432

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2023-31431

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2023-31430

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2023-31429

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2023-31428

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2023-31427

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2023-31426

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2023-31425

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2022-44792

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2022-3786

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2022-3602

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2022-29154

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2022-28615

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2022-28614

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2022-25313

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2022-25236

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2022-25235

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2022-24448

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2022-23219

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2022-2097

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2022-2068

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2022-0778

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2022-0322

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2022-0155

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2021-45486

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2021-45485

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2021-41617

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2021-4145

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2021-39275

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2021-3800

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2021-20193

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2021-0146

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2020-36558

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2020-36557

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2020-15861

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2020-14145

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2019-0220

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2018-7738

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2018-25032

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2018-14404

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2018-14348

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2018-0739

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2014-2524

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2012-0060

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

CVE-2011-4917

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HPE Switch SAN HPE / Switch	`cpe:/h:hp:switch:san_switch`	—
HPE Switch Fibre Channel HPE / Switch	`cpe:/h:hp:switch:fibre_channel`	—

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://support.hpe.com/hpesc/public/docDisplay?d…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Fabric OS (FOS) ist ein Betriebssystem f\u00fcr FibreChannel Switches.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches ausnutzen, um seine Privilegien zu erh\u00f6hen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- BIOS/Firmware\n- Hardware Appliance",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-1969 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1969.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-1969 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1969"
      },
      {
        "category": "external",
        "summary": "HPE Security Bulletin HPESBST04494 vom 2023-08-04",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-hpesbst04494en_us"
      }
    ],
    "source_lang": "en-US",
    "title": "HPE Fabric OS: Mehrere Schwachstellen erm\u00f6glichen Privilegieneskalation",
    "tracking": {
      "current_release_date": "2023-08-06T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:56:35.841+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-1969",
      "initial_release_date": "2023-08-06T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-08-06T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "HPE Fabric OS \u003c 9.1.1",
                "product": {
                  "name": "HPE Fabric OS \u003c 9.1.1",
                  "product_id": "T024587",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:hpe:fabric_os:9.1.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "HPE Fabric OS \u003c v8.2.3c",
                "product": {
                  "name": "HPE Fabric OS \u003c v8.2.3c",
                  "product_id": "T024589",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:hpe:fabric_os:v8.2.3c"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "HPE Fabric OS \u003c 7.4.2j",
                "product": {
                  "name": "HPE Fabric OS \u003c 7.4.2j",
                  "product_id": "T029096",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:hpe:fabric_os:7.4.2j"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "HPE Fabric OS \u003c v8.2.3d",
                "product": {
                  "name": "HPE Fabric OS \u003c v8.2.3d",
                  "product_id": "T029097",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:hpe:fabric_os:v8.2.3d"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "HPE Fabric OS \u003c 9.0.1e",
                "product": {
                  "name": "HPE Fabric OS \u003c 9.0.1e",
                  "product_id": "T029098",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:hpe:fabric_os:9.0.1e"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "HPE Fabric OS \u003c 9.1.1c",
                "product": {
                  "name": "HPE Fabric OS \u003c 9.1.1c",
                  "product_id": "T029101",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:hpe:fabric_os:9.1.1c"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Fabric OS"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "HPE Switch SAN",
                "product": {
                  "name": "HPE Switch SAN",
                  "product_id": "T029100",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:hp:switch:san_switch"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "HPE Switch Fibre Channel",
                "product": {
                  "name": "HPE Switch Fibre Channel",
                  "product_id": "T029104",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:hp:switch:fibre_channel"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Switch"
          }
        ],
        "category": "vendor",
        "name": "HPE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-31928",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2023-31928"
    },
    {
      "cve": "CVE-2023-31927",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2023-31927"
    },
    {
      "cve": "CVE-2023-31926",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2023-31926"
    },
    {
      "cve": "CVE-2023-31432",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2023-31432"
    },
    {
      "cve": "CVE-2023-31431",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2023-31431"
    },
    {
      "cve": "CVE-2023-31430",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2023-31430"
    },
    {
      "cve": "CVE-2023-31429",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2023-31429"
    },
    {
      "cve": "CVE-2023-31428",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2023-31428"
    },
    {
      "cve": "CVE-2023-31427",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2023-31427"
    },
    {
      "cve": "CVE-2023-31426",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2023-31426"
    },
    {
      "cve": "CVE-2023-31425",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2023-31425"
    },
    {
      "cve": "CVE-2022-44792",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2022-44792"
    },
    {
      "cve": "CVE-2022-3786",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2022-3786"
    },
    {
      "cve": "CVE-2022-3602",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2022-3602"
    },
    {
      "cve": "CVE-2022-29154",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2022-29154"
    },
    {
      "cve": "CVE-2022-28615",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2022-28615"
    },
    {
      "cve": "CVE-2022-28614",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2022-28614"
    },
    {
      "cve": "CVE-2022-25313",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2022-25313"
    },
    {
      "cve": "CVE-2022-25236",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2022-25236"
    },
    {
      "cve": "CVE-2022-25235",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2022-25235"
    },
    {
      "cve": "CVE-2022-24448",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2022-24448"
    },
    {
      "cve": "CVE-2022-23219",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2022-23219"
    },
    {
      "cve": "CVE-2022-2097",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2022-2097"
    },
    {
      "cve": "CVE-2022-2068",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2022-2068"
    },
    {
      "cve": "CVE-2022-0778",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2022-0778"
    },
    {
      "cve": "CVE-2022-0322",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2022-0322"
    },
    {
      "cve": "CVE-2022-0155",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2022-0155"
    },
    {
      "cve": "CVE-2021-45486",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2021-45486"
    },
    {
      "cve": "CVE-2021-45485",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2021-45485"
    },
    {
      "cve": "CVE-2021-41617",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2021-41617"
    },
    {
      "cve": "CVE-2021-4145",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2021-4145"
    },
    {
      "cve": "CVE-2021-39275",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2021-39275"
    },
    {
      "cve": "CVE-2021-3800",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2021-3800"
    },
    {
      "cve": "CVE-2021-20193",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2021-20193"
    },
    {
      "cve": "CVE-2021-0146",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2021-0146"
    },
    {
      "cve": "CVE-2020-36558",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2020-36558"
    },
    {
      "cve": "CVE-2020-36557",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2020-36557"
    },
    {
      "cve": "CVE-2020-15861",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2020-15861"
    },
    {
      "cve": "CVE-2020-14145",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2020-14145"
    },
    {
      "cve": "CVE-2019-0220",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2019-0220"
    },
    {
      "cve": "CVE-2018-7738",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2018-7738"
    },
    {
      "cve": "CVE-2018-25032",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2018-25032"
    },
    {
      "cve": "CVE-2018-14404",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2018-14404"
    },
    {
      "cve": "CVE-2018-14348",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2018-14348"
    },
    {
      "cve": "CVE-2018-0739",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2018-0739"
    },
    {
      "cve": "CVE-2014-2524",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2014-2524"
    },
    {
      "cve": "CVE-2012-0060",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2012-0060"
    },
    {
      "cve": "CVE-2011-4917",
      "notes": [
        {
          "category": "description",
          "text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T029100",
          "T029104"
        ]
      },
      "release_date": "2023-08-06T22:00:00.000+00:00",
      "title": "CVE-2011-4917"
    }
  ]
}

WID-SEC-W-2023-2048

Vulnerability from csaf_certbund - Published: 2018-03-27 22:00 - Updated: 2024-01-25 23:00

Summary

OpenSSL: Mehrere Schwachstellen

Severity

Mittel

Notes

Produktbeschreibung: OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in OpenSSL ausnutzen, um einen Denial of Service Angriff durchzuführen oder um Sicherheitsmechanismen zu umgehen.

Betroffene Betriebssysteme: - UNIX - Linux - Windows - Juniper Appliance

CVE-2018-0739

Es existiert eine Schwachstelle in OpenSSL. Die Schwachstelle besteht bei der Verarbeitung von speziell gestalteten ASN.1 Typen mit rekursiven Definitionen. Ein Angreifer kann dieses nutzen und den Stack mit zahlreichen Rekursionen überschreiben und so einen Denial of Service Angriff durchführen.

Affected products

Known affected 13 products

Product	Identifier	Version
Oracle VM Oracle	`cpe:/a:oracle:vm:-`	—
Huawei OceanStor Huawei	`cpe:/h:huawei:oceanstor_uds:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
NetApp Data ONTAP NetApp	`cpe:/a:netapp:data_ontap:-`	—
Broadcom Brocade Switch Broadcom	`cpe:/h:brocade:switch:-`	—
HPE Switch HPE	`cpe:/h:hp:switch:-`	—
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Dell NetWorker < 19.10 Dell	`cpe:/a:dell:networker:19.10`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Juniper JUNOS Juniper	`cpe:/o:juniper:junos:-`	—

Last affected 1 product

Product	Identifier	Version	Remediation
McAfee Email Gateway <= 7.6 McAfee	`cpe:/a:mcafee:email_gateway:7.6`	—

CVE-2018-0733

Es existiert eine Schwachstelle in OpenSSL. Die Schwachstelle beruht auf einem Fehler in der Implementierung der PA-RISC "CRYPTO_memcmp" Funktion und bewirkt, dass nur das letzte signifikante Bit jedes Bytes verglichen wird. In der Folge ist es möglich, dass Nachrichten eines Angreifers als authentisiert angesehen werden. Nur HP-UX PA-RISC Systeme sind von dieser Schwachstelle betroffen.

Affected products

Known affected 12 products

Product	Identifier	Version
Oracle VM Oracle	`cpe:/a:oracle:vm:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
NetApp Data ONTAP NetApp	`cpe:/a:netapp:data_ontap:-`	—
Broadcom Brocade Switch Broadcom	`cpe:/h:brocade:switch:-`	—
Juniper JUNOS Juniper	`cpe:/o:juniper:junos:-`	—
HPE Switch HPE	`cpe:/h:hp:switch:-`	—
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Dell NetWorker < 19.10 Dell	`cpe:/a:dell:networker:19.10`	—

Last affected 1 product

Product	Identifier	Version	Remediation
McAfee Email Gateway <= 7.6 McAfee	`cpe:/a:mcafee:email_gateway:7.6`	—

References

41 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
http://www.openssl.org/news/secadv/20180327.txt	external
http://www.ubuntu.com/usn/usn-3611-1	external
https://www.debian.org/security/2018/dsa-4158	external
https://www.debian.org/security/2018/dsa-4157	external
https://security.netapp.com/advisory/ntap-2018033…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://lists.opensuse.org/opensuse-security-anno…	external
https://kc.mcafee.com/corporate/index?page=conten…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
http://linux.oracle.com/errata/ELSA-2018-4228.html	external
http://linux.oracle.com/errata/ELSA-2018-4229.html	external
https://securityadvisories.paloaltonetworks.com/(…	external
https://access.redhat.com/errata/RHSA-2018:3221	external
https://access.redhat.com/errata/RHSA-2018:3090	external
http://linux.oracle.com/errata/ELSA-2018-3090.html	external
http://linux.oracle.com/errata/ELSA-2018-3221.html	external
http://linux.oracle.com/errata/ELSA-2018-4267.html	external
https://security.gentoo.org/glsa/201811-21	external
https://access.redhat.com/errata/RHSA-2019:0367	external
https://access.redhat.com/errata/RHSA-2019:0366	external
http://linux.oracle.com/errata/ELSA-2019-4581.html	external
https://access.redhat.com/errata/RHSA-2019:1712	external
https://access.redhat.com/errata/RHSA-2019:1711	external
http://linux.oracle.com/errata/ELSA-2019-2471.html	external
https://oss.oracle.com/pipermail/oraclevm-errata/…	external
http://linux.oracle.com/errata/ELSA-2019-4747.html	external
http://kb.juniper.net/InfoCenter/index?page=conte…	external
https://security.gentoo.org/glsa/202007-53	external
https://www.huawei.com/en/psirt/security-advisori…	external
https://linux.oracle.com/errata/ELSA-2021-9150.html	external
https://linux.oracle.com/errata/ELSA-2022-9272.html	external
https://support.hpe.com/hpesc/public/docDisplay?d…	external
https://www.dell.com/support/kbdoc/en-us/00022147…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "OpenSSL ist eine im Quelltext frei verf\u00fcgbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in OpenSSL ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder um Sicherheitsmechanismen zu umgehen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- UNIX\n- Linux\n- Windows\n- Juniper Appliance",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-2048 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2018/wid-sec-w-2023-2048.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-2048 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2048"
      },
      {
        "category": "external",
        "summary": "OpenSSL Security Advisory vom 2018-03-27",
        "url": "http://www.openssl.org/news/secadv/20180327.txt"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-3611-1 vom 2018-03-29",
        "url": "http://www.ubuntu.com/usn/usn-3611-1"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-4158 vom 2018-03-30",
        "url": "https://www.debian.org/security/2018/dsa-4158"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-4157 vom 2018-03-30",
        "url": "https://www.debian.org/security/2018/dsa-4157"
      },
      {
        "category": "external",
        "summary": "NetApp Security Advisory NTAP-20180330-0002 vom 2018-03-31",
        "url": "https://security.netapp.com/advisory/ntap-20180330-0002/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:0902-1 vom 2018-04-09",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180902-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:0905-1 vom 2018-04-10",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180905-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:0906-1 vom 2018-04-10",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180906-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:0925-1 vom 2018-04-12",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180925-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:0975-1 vom 2018-04-18",
        "url": "https://lists.opensuse.org/opensuse-security-announce/2018-04/msg00013.html"
      },
      {
        "category": "external",
        "summary": "McAfee Security Bulletin: SB10239",
        "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10239"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:2072-1 vom 2018-07-27",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182072-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:2158-1 vom 2018-08-02",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182158-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:2534-1 vom 2018-08-28",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182534-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2018:2683-1 vom 2018-09-11",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182683-1.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2018-4228 vom 2018-09-26",
        "url": "http://linux.oracle.com/errata/ELSA-2018-4228.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2018-4229 vom 2018-09-27",
        "url": "http://linux.oracle.com/errata/ELSA-2018-4229.html"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisory",
        "url": "https://securityadvisories.paloaltonetworks.com/(X(1)S(ail5o3zckluehpmm4upvcd2c))/Home/Detail/133"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2018:3221 vom 2018-10-31",
        "url": "https://access.redhat.com/errata/RHSA-2018:3221"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2018:3090 vom 2018-10-31",
        "url": "https://access.redhat.com/errata/RHSA-2018:3090"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2018-3090 vom 2018-11-06",
        "url": "http://linux.oracle.com/errata/ELSA-2018-3090.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2018-3221 vom 2018-11-06",
        "url": "http://linux.oracle.com/errata/ELSA-2018-3221.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2018-4267 vom 2018-11-07",
        "url": "http://linux.oracle.com/errata/ELSA-2018-4267.html"
      },
      {
        "category": "external",
        "summary": "GENTOO Security Advisory GLSA201811-21 vom 2018-11-29",
        "url": "https://security.gentoo.org/glsa/201811-21"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2019:0367 vom 2019-02-18",
        "url": "https://access.redhat.com/errata/RHSA-2019:0367"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2019:0366 vom 2019-02-18",
        "url": "https://access.redhat.com/errata/RHSA-2019:0366"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2019-4581 vom 2019-03-13",
        "url": "http://linux.oracle.com/errata/ELSA-2019-4581.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2019:1712 vom 2019-07-09",
        "url": "https://access.redhat.com/errata/RHSA-2019:1712"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2019:1711 vom 2019-07-09",
        "url": "https://access.redhat.com/errata/RHSA-2019:1711"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2019-2471 vom 2019-08-14",
        "url": "http://linux.oracle.com/errata/ELSA-2019-2471.html"
      },
      {
        "category": "external",
        "summary": "Oraclevm-errata OVMSA-2019-0040 vom 2019-08-15",
        "url": "https://oss.oracle.com/pipermail/oraclevm-errata/2019-August/000956.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2019-4747 vom 2019-08-16",
        "url": "http://linux.oracle.com/errata/ELSA-2019-4747.html"
      },
      {
        "category": "external",
        "summary": "Juniper Security Advisory JSA10990 vom 2020-01-08",
        "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10990\u0026actp=RSS"
      },
      {
        "category": "external",
        "summary": "GENTOO Security Advisory GLSA-202007-53 vom 2020-07-28",
        "url": "https://security.gentoo.org/glsa/202007-53"
      },
      {
        "category": "external",
        "summary": "Huawei Security Advisory HUAWEI-SA-20180613-01-OPENSSL vom 2020-08-19",
        "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180613-01-openssl-en"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2021-9150 vom 2021-04-01",
        "url": "https://linux.oracle.com/errata/ELSA-2021-9150.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2022-9272 vom 2022-04-08",
        "url": "https://linux.oracle.com/errata/ELSA-2022-9272.html"
      },
      {
        "category": "external",
        "summary": "HPE Securi+y Bulletin",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-hpesbst04494en_us"
      },
      {
        "category": "external",
        "summary": "Dell Knowledge Base Article",
        "url": "https://www.dell.com/support/kbdoc/en-us/000221474/dsa-2024-059-security-update-for-dell-networker-multiple-components-vulnerabilities"
      }
    ],
    "source_lang": "en-US",
    "title": "OpenSSL: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-01-25T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:57:00.723+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-2048",
      "initial_release_date": "2018-03-27T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2018-03-27T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initial Release"
        },
        {
          "date": "2018-03-27T22:00:00.000+00:00",
          "number": "2",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2018-03-28T22:00:00.000+00:00",
          "number": "3",
          "summary": "New remediations available"
        },
        {
          "date": "2018-04-02T22:00:00.000+00:00",
          "number": "4",
          "summary": "New remediations available"
        },
        {
          "date": "2018-04-08T22:00:00.000+00:00",
          "number": "5",
          "summary": "New remediations available"
        },
        {
          "date": "2018-04-09T22:00:00.000+00:00",
          "number": "6",
          "summary": "New remediations available"
        },
        {
          "date": "2018-04-12T22:00:00.000+00:00",
          "number": "7",
          "summary": "New remediations available"
        },
        {
          "date": "2018-04-17T22:00:00.000+00:00",
          "number": "8",
          "summary": "New remediations available"
        },
        {
          "date": "2018-05-27T22:00:00.000+00:00",
          "number": "9",
          "summary": "Added references"
        },
        {
          "date": "2018-06-13T22:00:00.000+00:00",
          "number": "10",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2018-07-12T22:00:00.000+00:00",
          "number": "11",
          "summary": "Added references"
        },
        {
          "date": "2018-08-01T22:00:00.000+00:00",
          "number": "12",
          "summary": "New remediations available"
        },
        {
          "date": "2018-08-01T22:00:00.000+00:00",
          "number": "13",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2018-08-01T22:00:00.000+00:00",
          "number": "14",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2018-08-28T22:00:00.000+00:00",
          "number": "15",
          "summary": "New remediations available"
        },
        {
          "date": "2018-09-10T22:00:00.000+00:00",
          "number": "16",
          "summary": "New remediations available"
        },
        {
          "date": "2018-09-11T22:00:00.000+00:00",
          "number": "17",
          "summary": "Produkte erg\u00e4nzt"
        },
        {
          "date": "2018-09-26T22:00:00.000+00:00",
          "number": "18",
          "summary": "New remediations available"
        },
        {
          "date": "2018-09-27T22:00:00.000+00:00",
          "number": "19",
          "summary": "New remediations available"
        },
        {
          "date": "2018-10-11T22:00:00.000+00:00",
          "number": "20",
          "summary": "New remediations available"
        },
        {
          "date": "2018-10-30T23:00:00.000+00:00",
          "number": "21",
          "summary": "New remediations available"
        },
        {
          "date": "2018-11-05T23:00:00.000+00:00",
          "number": "22",
          "summary": "New remediations available"
        },
        {
          "date": "2018-11-06T23:00:00.000+00:00",
          "number": "23",
          "summary": "New remediations available"
        },
        {
          "date": "2018-11-28T23:00:00.000+00:00",
          "number": "24",
          "summary": "New remediations available"
        },
        {
          "date": "2019-02-18T23:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2019-03-13T23:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2019-07-09T22:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2019-08-13T22:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2019-08-15T22:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von Oracle"
        },
        {
          "date": "2019-08-18T22:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2020-01-08T23:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von Juniper aufgenommen"
        },
        {
          "date": "2020-02-26T23:00:00.000+00:00",
          "number": "32",
          "summary": "Referenz(en) aufgenommen: SUSE-SU-2020:0495-1"
        },
        {
          "date": "2020-07-28T22:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von GENTOO aufgenommen"
        },
        {
          "date": "2020-08-18T22:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates von Huawei aufgenommen"
        },
        {
          "date": "2021-03-31T22:00:00.000+00:00",
          "number": "35",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2022-04-10T22:00:00.000+00:00",
          "number": "36",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2023-08-13T22:00:00.000+00:00",
          "number": "37",
          "summary": "Neue Updates von HP aufgenommen"
        },
        {
          "date": "2024-01-25T23:00:00.000+00:00",
          "number": "38",
          "summary": "Neue Updates von Dell aufgenommen"
        }
      ],
      "status": "final",
      "version": "38"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Broadcom Brocade Switch",
            "product": {
              "name": "Broadcom Brocade Switch",
              "product_id": "T015844",
              "product_identification_helper": {
                "cpe": "cpe:/h:brocade:switch:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Broadcom"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell NetWorker \u003c 19.10",
            "product": {
              "name": "Dell NetWorker \u003c 19.10",
              "product_id": "T032354",
              "product_identification_helper": {
                "cpe": "cpe:/a:dell:networker:19.10"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Gentoo Linux",
            "product": {
              "name": "Gentoo Linux",
              "product_id": "T012167",
              "product_identification_helper": {
                "cpe": "cpe:/o:gentoo:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Gentoo"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "HPE Switch",
            "product": {
              "name": "HPE Switch",
              "product_id": "T005119",
              "product_identification_helper": {
                "cpe": "cpe:/h:hp:switch:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "HPE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Huawei OceanStor",
            "product": {
              "name": "Huawei OceanStor",
              "product_id": "516536",
              "product_identification_helper": {
                "cpe": "cpe:/h:huawei:oceanstor_uds:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Huawei"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Juniper JUNOS",
            "product": {
              "name": "Juniper JUNOS",
              "product_id": "5930",
              "product_identification_helper": {
                "cpe": "cpe:/o:juniper:junos:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Juniper"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "McAfee Email Gateway \u003c= 7.6",
            "product": {
              "name": "McAfee Email Gateway \u003c= 7.6",
              "product_id": "227382",
              "product_identification_helper": {
                "cpe": "cpe:/a:mcafee:email_gateway:7.6"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "McAfee"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "NetApp Data ONTAP",
            "product": {
              "name": "NetApp Data ONTAP",
              "product_id": "7654",
              "product_identification_helper": {
                "cpe": "cpe:/a:netapp:data_ontap:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "NetApp"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Open Source OpenSSL \u003c 1.1.0h",
                "product": {
                  "name": "Open Source OpenSSL \u003c 1.1.0h",
                  "product_id": "T011392",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:openssl:openssl:1.1.0h"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Open Source OpenSSL \u003c 1.0.2o",
                "product": {
                  "name": "Open Source OpenSSL \u003c 1.0.2o",
                  "product_id": "T011991",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:openssl:openssl:1.0.2o"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OpenSSL"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Oracle VM",
            "product": {
              "name": "Oracle VM",
              "product_id": "T011119",
              "product_identification_helper": {
                "cpe": "cpe:/a:oracle:vm:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "PaloAlto Networks PAN-OS \u003c 8.1.4",
            "product": {
              "name": "PaloAlto Networks PAN-OS \u003c 8.1.4",
              "product_id": "T012878",
              "product_identification_helper": {
                "cpe": "cpe:/o:paloaltonetworks:pan-os:8.1.4"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "PaloAlto Networks"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-0739",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in OpenSSL. Die Schwachstelle besteht bei der Verarbeitung von speziell gestalteten ASN.1 Typen mit rekursiven Definitionen. Ein Angreifer kann dieses nutzen und den Stack mit zahlreichen Rekursionen \u00fcberschreiben und so einen Denial of Service Angriff durchf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T011119",
          "516536",
          "67646",
          "7654",
          "T015844",
          "T005119",
          "T012167",
          "T004914",
          "T032354",
          "2951",
          "T002207",
          "T000126",
          "5930"
        ],
        "last_affected": [
          "227382"
        ]
      },
      "release_date": "2018-03-27T22:00:00.000+00:00",
      "title": "CVE-2018-0739"
    },
    {
      "cve": "CVE-2018-0733",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in OpenSSL. Die Schwachstelle beruht auf einem Fehler in der Implementierung der PA-RISC \"CRYPTO_memcmp\" Funktion und bewirkt, dass nur das letzte signifikante Bit jedes Bytes verglichen wird. In der Folge ist es m\u00f6glich, dass Nachrichten eines Angreifers als authentisiert angesehen werden. Nur HP-UX PA-RISC Systeme sind von dieser Schwachstelle betroffen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T011119",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "7654",
          "T015844",
          "5930",
          "T005119",
          "T012167",
          "T004914",
          "T032354"
        ],
        "last_affected": [
          "227382"
        ]
      },
      "release_date": "2018-03-27T22:00:00.000+00:00",
      "title": "CVE-2018-0733"
    }
  ]
}

WID-SEC-W-2025-1212

Vulnerability from csaf_certbund - Published: 2019-04-16 22:00 - Updated: 2025-06-02 22:00

Summary

Oracle Communications Applications: Mehrere Schwachstellen

Severity

Mittel

Notes

Produktbeschreibung: Mit der Unified Communications Suite bietet Oracle eine Messaging- und Collaboration-Plattform an. Oracle Communications Policy Management ist ein Produkt von Oracle und vereint mehrere Bereiche der Kommunikation. Oracle Communications Unified Inventory Management (UIM) ist eine offene, standardbasierte Anwendung, die eine Bestandsaufnahme von Kommunikationsdiensten und -ressourcen ermöglicht.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Oracle Communications Applications ausnutzen, um dadurch die Integrität, Vertraulichkeit und Verfügbarkeit zu gefährden.

Betroffene Betriebssysteme: - Linux - UNIX - Windows

CVE-2015-9251

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2016-1000031

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2016-1181

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2016-1182

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2016-7055

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2016-8735

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2017-0861

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2017-12617

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2017-15265

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2017-3730

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2017-3731

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2017-3732

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2017-3733

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2017-3735

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2017-3736

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2017-3738

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2017-5645

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2017-5664

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2017-5753

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2017-5754

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2017-7525

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-0732

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-0733

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-0734

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-0737

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-0739

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-1000004

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-1000180

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-1000613

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-10901

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-11039

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-11040

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-11218

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-11219

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-11236

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-11237

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-11784

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-12384

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-12404

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-1257

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-1258

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-16864

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-16865

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-16890

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-3620

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-3646

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-3693

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-6485

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-7489

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2018-7566

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2019-3822

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

CVE-2019-3823

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Policy Management 12.2 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.2`	12.2
Oracle Communications Unified Inventory Management 7.4.0 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.4.0`	7.4.0
Oracle Communications LSMS 13.3 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.3`	13.3
Oracle Communications Unified Inventory Management 7.3.4 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.4`	7.3.4
Oracle Communications LSMS 13.1 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.1`	13.1
Oracle Communications Messaging Server 8.1 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.1`	8.1
Oracle Communications EAGLE LNP Application Processor 10.2 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2`	10.2
Oracle Communications Unified Inventory Management 7.3.5 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.5`	7.3.5
Oracle Communications LSMS 13.2 Oracle / Communications LSMS	`cpe:/a:oracle:communications_lsms:13.2`	13.2
Oracle Communications Unified Inventory Management 7.3.2 oracle / communications_unified_inventory_management	`cpe:/a:oracle:communications_unified_inventory_management:7.3.2`	7.3.2
Oracle Communications EAGLE LNP Application Processor 10.0 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0`	10
Oracle Communications Session Border Controller 8.1.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.1.0`	8.1.0
Xerox FreeFlow Print Server 9 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:9`	9
Oracle Communications EAGLE LNP Application Processor 10.1 Oracle / Communications EAGLE LNP Application Processor	`cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1`	10.1
Oracle Communications Session Border Controller 8.0.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.0.0`	8.0.0
Oracle Communications Policy Management 12.4 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.4`	12.4
Oracle Communications Session Border Controller 8.2.0 Oracle / Communications Session Border Controller	`cpe:/a:oracle:communications_session_border_controller:8.2.0`	8.2.0
Oracle Communications Policy Management 12.1 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.1`	12.1
Oracle Communications Policy Management 12.3 Oracle / Communications Policy Management	`cpe:/a:oracle:communications_policy_management:12.3`	12.3
Oracle Enterprise Communications Broker 3.1.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.1.0`	3.1.0
Oracle Communications Messaging Server 8.0 Oracle / Communications Messaging Server	`cpe:/a:oracle:communications_messaging_server:8.0`	8
Oracle Enterprise Communications Broker 3.0.0 Oracle / Enterprise Communications Broker	`cpe:/a:oracle:enterprise_communications_broker:3.0.0`	3.0.0
Oracle Communications Service Broker 6.0 Oracle / Communications Service Broker	`cpe:/a:oracle:communications_service_broker:6.0`	6
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—

References

5 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.oracle.com/technetwork/security-advis…	external
https://usn.ubuntu.com/4218-1/	external
https://security.business.xerox.com/wp-content/up…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Mit der Unified Communications Suite bietet Oracle eine Messaging- und Collaboration-Plattform an.\r\nOracle Communications Policy Management ist ein Produkt von Oracle und vereint mehrere Bereiche der Kommunikation.\r\nOracle Communications Unified Inventory Management (UIM) ist eine offene, standardbasierte Anwendung, die eine Bestandsaufnahme von Kommunikationsdiensten und -ressourcen erm\u00f6glicht.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Oracle Communications Applications ausnutzen, um dadurch die Integrit\u00e4t, Vertraulichkeit und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-1212 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2019/wid-sec-w-2025-1212.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-1212 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1212"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - April 2019 vom 2019-04-16",
        "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixCGBU"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-4218-1 vom 2019-12-11",
        "url": "https://usn.ubuntu.com/4218-1/"
      },
      {
        "category": "external",
        "summary": "XEROX Security Advisory XRX25-012 vom 2025-06-02",
        "url": "https://security.business.xerox.com/wp-content/uploads/2025/06/Xerox-Security-Bulletin-XRX25-012-for-Xerox-FreeFlow-Print-Server-v9.pdf"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Communications Applications: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-06-02T22:00:00.000+00:00",
      "generator": {
        "date": "2025-06-03T09:23:36.426+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2025-1212",
      "initial_release_date": "2019-04-16T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2019-04-16T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2019-04-17T22:00:00.000+00:00",
          "number": "2",
          "summary": "Schreibfehler korrigiert"
        },
        {
          "date": "2019-12-10T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-06-02T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von XEROX aufgenommen"
        }
      ],
      "status": "final",
      "version": "4"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "10",
                "product": {
                  "name": "Oracle Communications EAGLE LNP Application Processor 10.0",
                  "product_id": "T014014",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "10.1",
                "product": {
                  "name": "Oracle Communications EAGLE LNP Application Processor 10.1",
                  "product_id": "T014015",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "10.2",
                "product": {
                  "name": "Oracle Communications EAGLE LNP Application Processor 10.2",
                  "product_id": "T014016",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Communications EAGLE LNP Application Processor"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "13.1",
                "product": {
                  "name": "Oracle Communications LSMS 13.1",
                  "product_id": "T006217",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_lsms:13.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "13.2",
                "product": {
                  "name": "Oracle Communications LSMS 13.2",
                  "product_id": "T014017",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_lsms:13.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "13.3",
                "product": {
                  "name": "Oracle Communications LSMS 13.3",
                  "product_id": "T014018",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_lsms:13.3"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Communications LSMS"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "8.1",
                "product": {
                  "name": "Oracle Communications Messaging Server 8.1",
                  "product_id": "T014019",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_messaging_server:8.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8",
                "product": {
                  "name": "Oracle Communications Messaging Server 8.0",
                  "product_id": "T014020",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_messaging_server:8.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Communications Messaging Server"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "12.2",
                "product": {
                  "name": "Oracle Communications Policy Management 12.2",
                  "product_id": "T009732",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_policy_management:12.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12.1",
                "product": {
                  "name": "Oracle Communications Policy Management 12.1",
                  "product_id": "T014021",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_policy_management:12.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12.3",
                "product": {
                  "name": "Oracle Communications Policy Management 12.3",
                  "product_id": "T014022",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_policy_management:12.3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12.4",
                "product": {
                  "name": "Oracle Communications Policy Management 12.4",
                  "product_id": "T014023",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_policy_management:12.4"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Communications Policy Management"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "6",
                "product": {
                  "name": "Oracle Communications Service Broker 6.0",
                  "product_id": "329193",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_service_broker:6.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Communications Service Broker"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "8.2.0",
                "product": {
                  "name": "Oracle Communications Session Border Controller 8.2.0",
                  "product_id": "T014024",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_session_border_controller:8.2.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.0",
                "product": {
                  "name": "Oracle Communications Session Border Controller 8.1.0",
                  "product_id": "T014025",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_session_border_controller:8.1.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.0",
                "product": {
                  "name": "Oracle Communications Session Border Controller 8.0.0",
                  "product_id": "T014026",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_session_border_controller:8.0.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Communications Session Border Controller"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "3.1.0",
                "product": {
                  "name": "Oracle Enterprise Communications Broker 3.1.0",
                  "product_id": "T014030",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:enterprise_communications_broker:3.1.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "3.0.0",
                "product": {
                  "name": "Oracle Enterprise Communications Broker 3.0.0",
                  "product_id": "T014031",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:enterprise_communications_broker:3.0.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Communications Broker"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "9",
                "product": {
                  "name": "Xerox FreeFlow Print Server 9",
                  "product_id": "T002977",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:xerox:freeflow_print_server:9"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FreeFlow Print Server"
          }
        ],
        "category": "vendor",
        "name": "Xerox"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "7.4.0",
                "product": {
                  "name": "Oracle Communications Unified Inventory Management 7.4.0",
                  "product_id": "T013407",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_unified_inventory_management:7.4.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.3.5",
                "product": {
                  "name": "Oracle Communications Unified Inventory Management 7.3.5",
                  "product_id": "T014027",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_unified_inventory_management:7.3.5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.3.2",
                "product": {
                  "name": "Oracle Communications Unified Inventory Management 7.3.2",
                  "product_id": "T014028",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_unified_inventory_management:7.3.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.3.4",
                "product": {
                  "name": "Oracle Communications Unified Inventory Management 7.3.4",
                  "product_id": "T014029",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_unified_inventory_management:7.3.4"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "communications_unified_inventory_management"
          }
        ],
        "category": "vendor",
        "name": "oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-9251",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2015-9251"
    },
    {
      "cve": "CVE-2016-1000031",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2016-1000031"
    },
    {
      "cve": "CVE-2016-1181",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2016-1181"
    },
    {
      "cve": "CVE-2016-1182",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2016-1182"
    },
    {
      "cve": "CVE-2016-7055",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2016-7055"
    },
    {
      "cve": "CVE-2016-8735",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2016-8735"
    },
    {
      "cve": "CVE-2017-0861",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2017-0861"
    },
    {
      "cve": "CVE-2017-12617",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2017-12617"
    },
    {
      "cve": "CVE-2017-15265",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2017-15265"
    },
    {
      "cve": "CVE-2017-3730",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2017-3730"
    },
    {
      "cve": "CVE-2017-3731",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2017-3731"
    },
    {
      "cve": "CVE-2017-3732",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2017-3732"
    },
    {
      "cve": "CVE-2017-3733",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2017-3733"
    },
    {
      "cve": "CVE-2017-3735",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2017-3735"
    },
    {
      "cve": "CVE-2017-3736",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2017-3736"
    },
    {
      "cve": "CVE-2017-3738",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2017-3738"
    },
    {
      "cve": "CVE-2017-5645",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2017-5645"
    },
    {
      "cve": "CVE-2017-5664",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2017-5664"
    },
    {
      "cve": "CVE-2017-5753",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2017-5753"
    },
    {
      "cve": "CVE-2017-5754",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2017-5754"
    },
    {
      "cve": "CVE-2017-7525",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2017-7525"
    },
    {
      "cve": "CVE-2018-0732",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-0732"
    },
    {
      "cve": "CVE-2018-0733",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-0733"
    },
    {
      "cve": "CVE-2018-0734",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-0734"
    },
    {
      "cve": "CVE-2018-0737",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-0737"
    },
    {
      "cve": "CVE-2018-0739",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-0739"
    },
    {
      "cve": "CVE-2018-1000004",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-1000004"
    },
    {
      "cve": "CVE-2018-1000180",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-1000180"
    },
    {
      "cve": "CVE-2018-1000613",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-1000613"
    },
    {
      "cve": "CVE-2018-10901",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-10901"
    },
    {
      "cve": "CVE-2018-11039",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-11039"
    },
    {
      "cve": "CVE-2018-11040",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-11040"
    },
    {
      "cve": "CVE-2018-11218",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-11218"
    },
    {
      "cve": "CVE-2018-11219",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-11219"
    },
    {
      "cve": "CVE-2018-11236",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-11236"
    },
    {
      "cve": "CVE-2018-11237",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-11237"
    },
    {
      "cve": "CVE-2018-11784",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-11784"
    },
    {
      "cve": "CVE-2018-12384",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-12384"
    },
    {
      "cve": "CVE-2018-12404",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-12404"
    },
    {
      "cve": "CVE-2018-1257",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-1257"
    },
    {
      "cve": "CVE-2018-1258",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-1258"
    },
    {
      "cve": "CVE-2018-16864",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-16864"
    },
    {
      "cve": "CVE-2018-16865",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-16865"
    },
    {
      "cve": "CVE-2018-16890",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-16890"
    },
    {
      "cve": "CVE-2018-3620",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-3620"
    },
    {
      "cve": "CVE-2018-3646",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-3646"
    },
    {
      "cve": "CVE-2018-3693",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-3693"
    },
    {
      "cve": "CVE-2018-6485",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-6485"
    },
    {
      "cve": "CVE-2018-7489",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-7489"
    },
    {
      "cve": "CVE-2018-7566",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2018-7566"
    },
    {
      "cve": "CVE-2019-3822",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2019-3822"
    },
    {
      "cve": "CVE-2019-3823",
      "product_status": {
        "known_affected": [
          "T009732",
          "T013407",
          "T014018",
          "T014029",
          "T006217",
          "T014019",
          "T014016",
          "T014027",
          "T014017",
          "T014028",
          "T014014",
          "T014025",
          "T002977",
          "T014015",
          "T014026",
          "T014023",
          "T014024",
          "T014021",
          "T014022",
          "T014030",
          "T014020",
          "T014031",
          "329193",
          "T000126"
        ]
      },
      "release_date": "2019-04-16T22:00:00.000+00:00",
      "title": "CVE-2019-3823"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-0739 (GCVE-0-2018-0739)

WID-SEC-W-2023-1969

WID-SEC-W-2023-2048

WID-SEC-W-2025-1212

Tags

Sightings

Nomenclature