Vulnerability-Lookup

CVE-2024-20922 (GCVE-0-2024-20922)

Vulnerability from cvelistv5 – Published: 2024-01-16 21:41 – Updated: 2025-06-02 15:08

Summary

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and 21.3.8. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 2.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).

Severity

2.5 (Low)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data.
CWE-noinfo Not enough information

Assigner

oracle

References

2 references

URL	Tags
https://www.oracle.com/security-alerts/cpujan2024.html	vendor-advisory
https://security.netapp.com/advisory/ntap-2024020…

Impacted products

1 product

Vendor	Product	Version
Oracle Corporation	Java SE JDK and JRE	Affected: Oracle Java SE:8u391 Affected: Oracle GraalVM Enterprise Edition:20.3.12 Affected: Oracle GraalVM Enterprise Edition:21.3.8

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:06:37.344Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "Oracle Advisory",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2024.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240201-0002/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20922",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-08T15:54:33.833490Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-02T15:08:06.290Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Java SE JDK and JRE",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Oracle Java SE:8u391"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM Enterprise Edition:20.3.12"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM Enterprise Edition:21.3.8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX).  Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and  21.3.8. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 2.5 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data.",
              "lang": "en-US"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-01T17:06:44.322Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "Oracle Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2024.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240201-0002/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2024-20922",
    "datePublished": "2024-01-16T21:41:15.590Z",
    "dateReserved": "2023-12-07T22:28:10.620Z",
    "dateUpdated": "2025-06-02T15:08:06.290Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-20922",
      "date": "2026-06-04",
      "epss": "0.00056",
      "percentile": "0.17693"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:graalvm:20.3.12:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"D17D1EA4-A45F-4D8D-BA3E-4898EC6D48B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:graalvm:21.3.8:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"CF534BA8-A2A5-4768-A480-CFB885308AF8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jdk:1.8.0:update391:*:*:-:*:*:*\", \"matchCriteriaId\": \"D667746E-7E7C-4326-9B70-3587C2B41BAB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jdk:1.8.0:update391:*:*:enterprise_performance_pack:*:*:*\", \"matchCriteriaId\": \"F3EF33DE-2E3F-4D5A-BF06-AC3C75108089\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jre:1.8.0:update391:*:*:-:*:*:*\", \"matchCriteriaId\": \"CA31F3A1-07E1-4685-8A24-7C7830EF7600\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jre:1.8.0:update391:*:*:enterprise_performance_pack:*:*:*\", \"matchCriteriaId\": \"DB7CD545-5B56-47FC-803F-8F150C810534\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCAA4004-9319-478C-9D55-0E8307F872F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:cloud_insights_storage_workload_security_agent:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B199052-5732-4726-B06B-A12C70DFB891\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX).  Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and  21.3.8. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 2.5 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad en el producto Oracle Java SE, Oracle GraalVM Enterprise Edition de Oracle Java SE (componente: JavaFX). Las versiones compatibles que se ven afectadas son Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 y 21.3.8. Una vulnerabilidad dif\\u00edcil de explotar permite que un atacante no autenticado con inicio de sesi\\u00f3n en la infraestructura donde se ejecuta Oracle Java SE, Oracle GraalVM Enterprise Edition comprometa Oracle Java SE, Oracle GraalVM Enterprise Edition. Los ataques exitosos requieren la interacci\\u00f3n humana de una persona distinta del atacante. Los ataques exitosos a esta vulnerabilidad pueden resultar en actualizaciones no autorizadas, inserci\\u00f3n o eliminaci\\u00f3n de acceso a algunos de los datos accesibles de Oracle Java SE, Oracle GraalVM Enterprise Edition. Nota: Esta vulnerabilidad se aplica a implementaciones de Java, normalmente en clientes que ejecutan aplicaciones Java Web Start en sandbox o o subprogramas de Java en sandbox, que cargan y ejecutan c\\u00f3digo que no es de confianza (por ejemplo, c\\u00f3digo que proviene de Internet) y dependen del entorno limitado de Java para su seguridad. Esta vulnerabilidad no se aplica a implementaciones de Java, normalmente en servidores, que cargan y ejecutan s\\u00f3lo c\\u00f3digo confiable (por ejemplo, c\\u00f3digo instalado por un administrador). CVSS 3.1 Puntaje base 2.5 (Impactos en la integridad). Vector CVSS: (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).\"}]",
      "id": "CVE-2024-20922",
      "lastModified": "2024-11-21T08:53:26.313",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"secalert_us@oracle.com\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N\", \"baseScore\": 2.5, \"baseSeverity\": \"LOW\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.0, \"impactScore\": 1.4}]}",
      "published": "2024-01-16T22:15:39.860",
      "references": "[{\"url\": \"https://security.netapp.com/advisory/ntap-20240201-0002/\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2024.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240201-0002/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2024.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "secalert_us@oracle.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-20922\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2024-01-16T22:15:39.860\",\"lastModified\":\"2024-11-21T08:53:26.313\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX).  Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and  21.3.8. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 2.5 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en el producto Oracle Java SE, Oracle GraalVM Enterprise Edition de Oracle Java SE (componente: JavaFX). Las versiones compatibles que se ven afectadas son Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 y 21.3.8. Una vulnerabilidad dif\u00edcil de explotar permite que un atacante no autenticado con inicio de sesi\u00f3n en la infraestructura donde se ejecuta Oracle Java SE, Oracle GraalVM Enterprise Edition comprometa Oracle Java SE, Oracle GraalVM Enterprise Edition. Los ataques exitosos requieren la interacci\u00f3n humana de una persona distinta del atacante. Los ataques exitosos a esta vulnerabilidad pueden resultar en actualizaciones no autorizadas, inserci\u00f3n o eliminaci\u00f3n de acceso a algunos de los datos accesibles de Oracle Java SE, Oracle GraalVM Enterprise Edition. Nota: Esta vulnerabilidad se aplica a implementaciones de Java, normalmente en clientes que ejecutan aplicaciones Java Web Start en sandbox o o subprogramas de Java en sandbox, que cargan y ejecutan c\u00f3digo que no es de confianza (por ejemplo, c\u00f3digo que proviene de Internet) y dependen del entorno limitado de Java para su seguridad. Esta vulnerabilidad no se aplica a implementaciones de Java, normalmente en servidores, que cargan y ejecutan s\u00f3lo c\u00f3digo confiable (por ejemplo, c\u00f3digo instalado por un administrador). CVSS 3.1 Puntaje base 2.5 (Impactos en la integridad). Vector CVSS: (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert_us@oracle.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N\",\"baseScore\":2.5,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.0,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:graalvm:20.3.12:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"D17D1EA4-A45F-4D8D-BA3E-4898EC6D48B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:graalvm:21.3.8:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"CF534BA8-A2A5-4768-A480-CFB885308AF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.8.0:update391:*:*:-:*:*:*\",\"matchCriteriaId\":\"D667746E-7E7C-4326-9B70-3587C2B41BAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.8.0:update391:*:*:enterprise_performance_pack:*:*:*\",\"matchCriteriaId\":\"F3EF33DE-2E3F-4D5A-BF06-AC3C75108089\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.8.0:update391:*:*:-:*:*:*\",\"matchCriteriaId\":\"CA31F3A1-07E1-4685-8A24-7C7830EF7600\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.8.0:update391:*:*:enterprise_performance_pack:*:*:*\",\"matchCriteriaId\":\"DB7CD545-5B56-47FC-803F-8F150C810534\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCAA4004-9319-478C-9D55-0E8307F872F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:cloud_insights_storage_workload_security_agent:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B199052-5732-4726-B06B-A12C70DFB891\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"}]}]}],\"references\":[{\"url\":\"https://security.netapp.com/advisory/ntap-20240201-0002/\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2024.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240201-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.oracle.com/security-alerts/cpujan2024.html\", \"name\": \"Oracle Advisory\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240201-0002/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T22:06:37.344Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-20922\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-08T15:54:33.833490Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-08T15:54:35.369Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 2.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Oracle Corporation\", \"product\": \"Java SE JDK and JRE\", \"versions\": [{\"status\": \"affected\", \"version\": \"Oracle Java SE:8u391\"}, {\"status\": \"affected\", \"version\": \"Oracle GraalVM Enterprise Edition:20.3.12\"}, {\"status\": \"affected\", \"version\": \"Oracle GraalVM Enterprise Edition:21.3.8\"}]}], \"references\": [{\"url\": \"https://www.oracle.com/security-alerts/cpujan2024.html\", \"name\": \"Oracle Advisory\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240201-0002/\"}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX).  Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and  21.3.8. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 2.5 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"description\": \"Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data.\"}]}], \"providerMetadata\": {\"orgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"shortName\": \"oracle\", \"dateUpdated\": \"2024-02-01T17:06:44.322Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-20922\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-02T15:08:06.290Z\", \"dateReserved\": \"2023-12-07T22:28:10.620Z\", \"assignerOrgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"datePublished\": \"2024-01-16T21:41:15.590Z\", \"assignerShortName\": \"oracle\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

OPENSUSE-SU-2024:13609-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

openjfx-17.0.10.0-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: openjfx-17.0.10.0-1.1 on GA media

Description of the patch: These are all security issues fixed in the openjfx-17.0.10.0-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-13609

CVE-2024-20922

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.x86_64	—	Vendor Fix

Threats

Impact not set

CVE-2024-20923

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2024-20925

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.x86_64	—	Vendor Fix

Threats

Impact low

References

10 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2024-20922/	self
https://www.suse.com/security/cve/CVE-2024-20923/	self
https://www.suse.com/security/cve/CVE-2024-20925/	self
https://www.suse.com/security/cve/CVE-2024-20922	external
https://www.suse.com/security/cve/CVE-2024-20923	external
https://bugzilla.suse.com/1220071	external
https://www.suse.com/security/cve/CVE-2024-20925	external
https://bugzilla.suse.com/1220072	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "openjfx-17.0.10.0-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the openjfx-17.0.10.0-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-13609",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13609-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-20922 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-20922/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-20923 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-20923/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-20925 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-20925/"
      }
    ],
    "title": "openjfx-17.0.10.0-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:13609-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openjfx-17.0.10.0-1.1.aarch64",
                "product": {
                  "name": "openjfx-17.0.10.0-1.1.aarch64",
                  "product_id": "openjfx-17.0.10.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openjfx-devel-17.0.10.0-1.1.aarch64",
                "product": {
                  "name": "openjfx-devel-17.0.10.0-1.1.aarch64",
                  "product_id": "openjfx-devel-17.0.10.0-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openjfx-17.0.10.0-1.1.ppc64le",
                "product": {
                  "name": "openjfx-17.0.10.0-1.1.ppc64le",
                  "product_id": "openjfx-17.0.10.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "openjfx-devel-17.0.10.0-1.1.ppc64le",
                "product": {
                  "name": "openjfx-devel-17.0.10.0-1.1.ppc64le",
                  "product_id": "openjfx-devel-17.0.10.0-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openjfx-17.0.10.0-1.1.s390x",
                "product": {
                  "name": "openjfx-17.0.10.0-1.1.s390x",
                  "product_id": "openjfx-17.0.10.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openjfx-devel-17.0.10.0-1.1.s390x",
                "product": {
                  "name": "openjfx-devel-17.0.10.0-1.1.s390x",
                  "product_id": "openjfx-devel-17.0.10.0-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openjfx-17.0.10.0-1.1.x86_64",
                "product": {
                  "name": "openjfx-17.0.10.0-1.1.x86_64",
                  "product_id": "openjfx-17.0.10.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openjfx-devel-17.0.10.0-1.1.x86_64",
                "product": {
                  "name": "openjfx-devel-17.0.10.0-1.1.x86_64",
                  "product_id": "openjfx-devel-17.0.10.0-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openjfx-17.0.10.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.aarch64"
        },
        "product_reference": "openjfx-17.0.10.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openjfx-17.0.10.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.ppc64le"
        },
        "product_reference": "openjfx-17.0.10.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openjfx-17.0.10.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.s390x"
        },
        "product_reference": "openjfx-17.0.10.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openjfx-17.0.10.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.x86_64"
        },
        "product_reference": "openjfx-17.0.10.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openjfx-devel-17.0.10.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.aarch64"
        },
        "product_reference": "openjfx-devel-17.0.10.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openjfx-devel-17.0.10.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.ppc64le"
        },
        "product_reference": "openjfx-devel-17.0.10.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openjfx-devel-17.0.10.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.s390x"
        },
        "product_reference": "openjfx-devel-17.0.10.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openjfx-devel-17.0.10.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.x86_64"
        },
        "product_reference": "openjfx-devel-17.0.10.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-20922",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-20922"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX).  Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and  21.3.8. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 2.5 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.aarch64",
          "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.ppc64le",
          "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.s390x",
          "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.x86_64",
          "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.aarch64",
          "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.ppc64le",
          "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.s390x",
          "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-20922",
          "url": "https://www.suse.com/security/cve/CVE-2024-20922"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.aarch64",
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.ppc64le",
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.s390x",
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.x86_64",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.aarch64",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.ppc64le",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.s390x",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "not set"
        }
      ],
      "title": "CVE-2024-20922"
    },
    {
      "cve": "CVE-2024-20923",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-20923"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX).  Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and  21.3.8. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.aarch64",
          "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.ppc64le",
          "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.s390x",
          "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.x86_64",
          "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.aarch64",
          "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.ppc64le",
          "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.s390x",
          "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-20923",
          "url": "https://www.suse.com/security/cve/CVE-2024-20923"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220071 for CVE-2024-20923",
          "url": "https://bugzilla.suse.com/1220071"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.aarch64",
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.ppc64le",
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.s390x",
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.x86_64",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.aarch64",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.ppc64le",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.s390x",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.aarch64",
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.ppc64le",
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.s390x",
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.x86_64",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.aarch64",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.ppc64le",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.s390x",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2024-20923"
    },
    {
      "cve": "CVE-2024-20925",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-20925"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX).  Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and  21.3.8. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.aarch64",
          "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.ppc64le",
          "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.s390x",
          "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.x86_64",
          "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.aarch64",
          "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.ppc64le",
          "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.s390x",
          "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-20925",
          "url": "https://www.suse.com/security/cve/CVE-2024-20925"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220072 for CVE-2024-20925",
          "url": "https://bugzilla.suse.com/1220072"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.aarch64",
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.ppc64le",
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.s390x",
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.x86_64",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.aarch64",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.ppc64le",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.s390x",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.aarch64",
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.ppc64le",
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.s390x",
            "openSUSE Tumbleweed:openjfx-17.0.10.0-1.1.x86_64",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.aarch64",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.ppc64le",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.s390x",
            "openSUSE Tumbleweed:openjfx-devel-17.0.10.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2024-20925"
    }
  ]
}

WID-SEC-W-2024-0121

Vulnerability from csaf_certbund - Published: 2024-01-16 23:00 - Updated: 2025-04-29 22:00

Summary

Oracle Java SE: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Die Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE).

Angriff: Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in Oracle Java SE ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.

Betroffene Betriebssysteme: - Linux - MacOS X - Sonstiges - UNIX - Windows

CVE-2023-44487

Affected products

Known affected 89 products

Product	Identifier	Version
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1`	8.2.1
Dell NetWorker Runtime Environment <8.0.20 Dell / NetWorker		Runtime Environment <8.0.20
Hitachi Command Suite Hitachi	`cpe:/a:hitachi:command_suite:-`	—
IBM Storage Insights IBM	`cpe:/a:ibm:storage_insights:-`	—
IBM MQ <9.2.0.25 IBM / MQ		<9.2.0.25
Amazon Corretto <8.402.06.1 Amazon / Corretto		<8.402.06.1
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
IBM WebSphere Application Server 8.5 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:8.5`	8.5
IBM Rational Business Developer 9.6 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.6`	9.6
IBM WebSphere Application Server 9.0 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:9.0`	9
SolarWinds Security Event Manager <2024.2 SolarWinds / Security Event Manager		<2024.2
IBM MQ <9.3.0.17 IBM / MQ		<9.3.0.17
IBM AIX 7.3 IBM / AIX	`cpe:/o:ibm:aix:7.3`	7.3
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
Amazon Corretto 11.0.22.7.1 Amazon / Corretto	`cpe:/a:amazon:corretto:11.0.22.7.1`	11.0.22.7.1
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM Rational Business Developer 9.7 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.7`	9.7
Dell NetWorker Runtime Environment (NRE) 8.0.19 Dell / NetWorker	`cpe:/a:dell:networker:runtime_environment_8.0.19`	Runtime Environment (NRE) 8.0.19
Oracle Java SE 22.3.4 Oracle / Java SE	`cpe:/a:oracle:java_se:22.3.4`	22.3.4
Oracle Java SE 11.0.21 Oracle / Java SE	`cpe:/a:oracle:java_se:11.0.21`	11.0.21
Oracle Java SE 21.3.8 Oracle / Java SE	`cpe:/a:oracle:java_se:21.3.8`	21.3.8
IBM AIX 7.2 IBM / AIX	`cpe:/o:ibm:aix:7.2`	7.2
Oracle Java SE 17.0.9 Oracle / Java SE	`cpe:/a:oracle:java_se:17.0.9`	17.0.9
IBM VIOS 3.1 IBM / VIOS	`cpe:/a:ibm:vios:3.1`	3.1
IBM VIOS 4.1 IBM / VIOS	`cpe:/a:ibm:vios:4.1`	4.1
IBM Storage Scale 5.1.0.0-5.1.9.2 IBM / Storage Scale	`cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2`	5.1.0.0-5.1.9.2
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
IBM Java <7.1.5.21 IBM / Java		<7.1.5.21
IBM Java <8.0.8.20 IBM / Java		<8.0.8.20
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
Kyocera Printer Kyocera	`cpe:/h:kyocera:printer:-`	—
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM InfoSphere Information Server 11.7 IBM / InfoSphere Information Server	`cpe:/a:ibm:infosphere_information_server:11.7`	11.7
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
IBM Tivoli Netcool/OMNIbus IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:-`	—
IBM Tivoli Key Lifecycle Manager IBM	`cpe:/a:ibm:tivoli_key_lifecycle_manager:-`	—
IBM WebSphere Service Registry and Repository 8.5 IBM / WebSphere Service Registry and Repository	`cpe:/a:ibm:websphere_service_registry_and_repository:8.5`	8.5
IBM DB2 11.5 IBM / DB2	`cpe:/a:ibm:db2:11.5`	11.5
IBM TXSeries for multiplatforms_8.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.1`	for multiplatforms_8.1
IBM DB2 11.1 IBM / DB2	`cpe:/a:ibm:db2:11.1`	11.1
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM TXSeries for multiplatforms_8.2 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.2`	for multiplatforms_8.2
Oracle Java SE 21.0.1 Oracle / Java SE	`cpe:/a:oracle:java_se:21.0.1`	21.0.1
IBM TXSeries for multiplatforms_9.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_9.1`	for multiplatforms_9.1
Oracle GraalVM Enterprise Edition 21.3.8 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.3.8::enterprise_edition`	Enterprise Edition 21.3.8
IBM Security Guardium 11.3 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:11.3`	11.3
IBM Business Automation Workflow <23.0.2-IF003 IBM / Business Automation Workflow		<23.0.2-IF003
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM Rational Business Developer 9.1 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.1`	9.1
IBM InfoSphere Identity Insight 10.0.0.0 IBM / InfoSphere Identity Insight	`cpe:/a:ibm:infosphere_identity_insight:10.0.0.0`	10.0.0.0
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM Tivoli Netcool/OMNIbus 8.1.0 IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0`	8.1.0
Dell NetWorker virtual Dell / NetWorker	`cpe:/a:dell:networker:virtual`	virtual
Dell ECS <3.8.1.1 Dell / ECS		<3.8.1.1
Oracle GraalVM for JDK 21.0.1 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.0.1::for_jdk`	for JDK 21.0.1
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
Oracle Java SE 8u391 Oracle / Java SE	`cpe:/a:oracle:java_se:8u391`	8u391
Oracle GraalVM for JDK 17.0.9 Oracle / GraalVM	`cpe:/a:oracle:graalvm:17.0.9::for_jdk`	for JDK 17.0.9
Oracle GraalVM Enterprise Edition 20.3.12 Oracle / GraalVM	`cpe:/a:oracle:graalvm:20.3.12::enterprise_edition`	Enterprise Edition 20.3.12
IBM App Connect Enterprise <12.0.11.2 IBM / App Connect Enterprise		<12.0.11.2
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7 IBM / Tivoli Monitoring		for Virtual Environments Base <7.3.7
Hitachi Configuration Manager Hitachi	`cpe:/a:hitachi:configuration_manager:-`	—
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
HCL BigFix Compliance <2.0.11 HCL / BigFix		Compliance <2.0.11
IBM Tivoli Monitoring 6.3.0.7 IBM / Tivoli Monitoring	`cpe:/a:ibm:tivoli_monitoring:6.3.0.7`	6.3.0.7
IBM MQ IBM / MQ	`cpe:/a:ibm:mq:-`	—
IBM Power Hardware Management Console v10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	v10
IBM MQ <9.3.5.1 IBM / MQ		<9.3.5.1
Amazon Corretto <8.402.08.1 Amazon / Corretto		<8.402.08.1
IBM Tivoli Network Manager <4.2.0.19 IBM / Tivoli Network Manager		<4.2.0.19
IBM Tivoli Netcool/OMNIbus <8.1.0.32 IBM / Tivoli Netcool/OMNIbus		<8.1.0.32
IBM MQ <9.1.0.21 IBM / MQ		<9.1.0.21
IBM MQ <9.0.0.24 IBM / MQ		<9.0.0.24
IBM DB2 10.5 IBM / DB2	`cpe:/a:ibm:db2:10.5`	10.5
IBM Security Guardium 10.6 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:10.6`	10.6
IBM App Connect Enterprise <=11.0.0.24 IBM / App Connect Enterprise		<=11.0.0.24
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Amazon Corretto <8.442.06.1 Amazon / Corretto		<8.442.06.1
Amazon Corretto <11.0.26.4.1 Amazon / Corretto		<11.0.26.4.1
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2`	8.2.2
Broadcom Brocade SANnav Broadcom	`cpe:/a:broadcom:brocade_sannav:-`	—
IBM Business Automation Workflow <21.0.3-IF031 IBM / Business Automation Workflow		<21.0.3-IF031
Open Source CentOS Open Source	`cpe:/o:centos:centos:-`	—

CVE-2023-5072

Affected products

Known affected 89 products

Product	Identifier	Version
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1`	8.2.1
Dell NetWorker Runtime Environment <8.0.20 Dell / NetWorker		Runtime Environment <8.0.20
Hitachi Command Suite Hitachi	`cpe:/a:hitachi:command_suite:-`	—
IBM Storage Insights IBM	`cpe:/a:ibm:storage_insights:-`	—
IBM MQ <9.2.0.25 IBM / MQ		<9.2.0.25
Amazon Corretto <8.402.06.1 Amazon / Corretto		<8.402.06.1
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
IBM WebSphere Application Server 8.5 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:8.5`	8.5
IBM Rational Business Developer 9.6 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.6`	9.6
IBM WebSphere Application Server 9.0 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:9.0`	9
SolarWinds Security Event Manager <2024.2 SolarWinds / Security Event Manager		<2024.2
IBM MQ <9.3.0.17 IBM / MQ		<9.3.0.17
IBM AIX 7.3 IBM / AIX	`cpe:/o:ibm:aix:7.3`	7.3
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
Amazon Corretto 11.0.22.7.1 Amazon / Corretto	`cpe:/a:amazon:corretto:11.0.22.7.1`	11.0.22.7.1
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM Rational Business Developer 9.7 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.7`	9.7
Dell NetWorker Runtime Environment (NRE) 8.0.19 Dell / NetWorker	`cpe:/a:dell:networker:runtime_environment_8.0.19`	Runtime Environment (NRE) 8.0.19
Oracle Java SE 22.3.4 Oracle / Java SE	`cpe:/a:oracle:java_se:22.3.4`	22.3.4
Oracle Java SE 11.0.21 Oracle / Java SE	`cpe:/a:oracle:java_se:11.0.21`	11.0.21
Oracle Java SE 21.3.8 Oracle / Java SE	`cpe:/a:oracle:java_se:21.3.8`	21.3.8
IBM AIX 7.2 IBM / AIX	`cpe:/o:ibm:aix:7.2`	7.2
Oracle Java SE 17.0.9 Oracle / Java SE	`cpe:/a:oracle:java_se:17.0.9`	17.0.9
IBM VIOS 3.1 IBM / VIOS	`cpe:/a:ibm:vios:3.1`	3.1
IBM VIOS 4.1 IBM / VIOS	`cpe:/a:ibm:vios:4.1`	4.1
IBM Storage Scale 5.1.0.0-5.1.9.2 IBM / Storage Scale	`cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2`	5.1.0.0-5.1.9.2
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
IBM Java <7.1.5.21 IBM / Java		<7.1.5.21
IBM Java <8.0.8.20 IBM / Java		<8.0.8.20
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
Kyocera Printer Kyocera	`cpe:/h:kyocera:printer:-`	—
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM InfoSphere Information Server 11.7 IBM / InfoSphere Information Server	`cpe:/a:ibm:infosphere_information_server:11.7`	11.7
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
IBM Tivoli Netcool/OMNIbus IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:-`	—
IBM Tivoli Key Lifecycle Manager IBM	`cpe:/a:ibm:tivoli_key_lifecycle_manager:-`	—
IBM WebSphere Service Registry and Repository 8.5 IBM / WebSphere Service Registry and Repository	`cpe:/a:ibm:websphere_service_registry_and_repository:8.5`	8.5
IBM DB2 11.5 IBM / DB2	`cpe:/a:ibm:db2:11.5`	11.5
IBM TXSeries for multiplatforms_8.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.1`	for multiplatforms_8.1
IBM DB2 11.1 IBM / DB2	`cpe:/a:ibm:db2:11.1`	11.1
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM TXSeries for multiplatforms_8.2 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.2`	for multiplatforms_8.2
Oracle Java SE 21.0.1 Oracle / Java SE	`cpe:/a:oracle:java_se:21.0.1`	21.0.1
IBM TXSeries for multiplatforms_9.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_9.1`	for multiplatforms_9.1
Oracle GraalVM Enterprise Edition 21.3.8 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.3.8::enterprise_edition`	Enterprise Edition 21.3.8
IBM Security Guardium 11.3 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:11.3`	11.3
IBM Business Automation Workflow <23.0.2-IF003 IBM / Business Automation Workflow		<23.0.2-IF003
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM Rational Business Developer 9.1 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.1`	9.1
IBM InfoSphere Identity Insight 10.0.0.0 IBM / InfoSphere Identity Insight	`cpe:/a:ibm:infosphere_identity_insight:10.0.0.0`	10.0.0.0
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM Tivoli Netcool/OMNIbus 8.1.0 IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0`	8.1.0
Dell NetWorker virtual Dell / NetWorker	`cpe:/a:dell:networker:virtual`	virtual
Dell ECS <3.8.1.1 Dell / ECS		<3.8.1.1
Oracle GraalVM for JDK 21.0.1 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.0.1::for_jdk`	for JDK 21.0.1
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
Oracle Java SE 8u391 Oracle / Java SE	`cpe:/a:oracle:java_se:8u391`	8u391
Oracle GraalVM for JDK 17.0.9 Oracle / GraalVM	`cpe:/a:oracle:graalvm:17.0.9::for_jdk`	for JDK 17.0.9
Oracle GraalVM Enterprise Edition 20.3.12 Oracle / GraalVM	`cpe:/a:oracle:graalvm:20.3.12::enterprise_edition`	Enterprise Edition 20.3.12
IBM App Connect Enterprise <12.0.11.2 IBM / App Connect Enterprise		<12.0.11.2
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7 IBM / Tivoli Monitoring		for Virtual Environments Base <7.3.7
Hitachi Configuration Manager Hitachi	`cpe:/a:hitachi:configuration_manager:-`	—
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
HCL BigFix Compliance <2.0.11 HCL / BigFix		Compliance <2.0.11
IBM Tivoli Monitoring 6.3.0.7 IBM / Tivoli Monitoring	`cpe:/a:ibm:tivoli_monitoring:6.3.0.7`	6.3.0.7
IBM MQ IBM / MQ	`cpe:/a:ibm:mq:-`	—
IBM Power Hardware Management Console v10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	v10
IBM MQ <9.3.5.1 IBM / MQ		<9.3.5.1
Amazon Corretto <8.402.08.1 Amazon / Corretto		<8.402.08.1
IBM Tivoli Network Manager <4.2.0.19 IBM / Tivoli Network Manager		<4.2.0.19
IBM Tivoli Netcool/OMNIbus <8.1.0.32 IBM / Tivoli Netcool/OMNIbus		<8.1.0.32
IBM MQ <9.1.0.21 IBM / MQ		<9.1.0.21
IBM MQ <9.0.0.24 IBM / MQ		<9.0.0.24
IBM DB2 10.5 IBM / DB2	`cpe:/a:ibm:db2:10.5`	10.5
IBM Security Guardium 10.6 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:10.6`	10.6
IBM App Connect Enterprise <=11.0.0.24 IBM / App Connect Enterprise		<=11.0.0.24
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Amazon Corretto <8.442.06.1 Amazon / Corretto		<8.442.06.1
Amazon Corretto <11.0.26.4.1 Amazon / Corretto		<11.0.26.4.1
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2`	8.2.2
Broadcom Brocade SANnav Broadcom	`cpe:/a:broadcom:brocade_sannav:-`	—
IBM Business Automation Workflow <21.0.3-IF031 IBM / Business Automation Workflow		<21.0.3-IF031
Open Source CentOS Open Source	`cpe:/o:centos:centos:-`	—

CVE-2024-20918

Affected products

Known affected 89 products

Product	Identifier	Version
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1`	8.2.1
Dell NetWorker Runtime Environment <8.0.20 Dell / NetWorker		Runtime Environment <8.0.20
Hitachi Command Suite Hitachi	`cpe:/a:hitachi:command_suite:-`	—
IBM Storage Insights IBM	`cpe:/a:ibm:storage_insights:-`	—
IBM MQ <9.2.0.25 IBM / MQ		<9.2.0.25
Amazon Corretto <8.402.06.1 Amazon / Corretto		<8.402.06.1
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
IBM WebSphere Application Server 8.5 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:8.5`	8.5
IBM Rational Business Developer 9.6 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.6`	9.6
IBM WebSphere Application Server 9.0 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:9.0`	9
SolarWinds Security Event Manager <2024.2 SolarWinds / Security Event Manager		<2024.2
IBM MQ <9.3.0.17 IBM / MQ		<9.3.0.17
IBM AIX 7.3 IBM / AIX	`cpe:/o:ibm:aix:7.3`	7.3
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
Amazon Corretto 11.0.22.7.1 Amazon / Corretto	`cpe:/a:amazon:corretto:11.0.22.7.1`	11.0.22.7.1
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM Rational Business Developer 9.7 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.7`	9.7
Dell NetWorker Runtime Environment (NRE) 8.0.19 Dell / NetWorker	`cpe:/a:dell:networker:runtime_environment_8.0.19`	Runtime Environment (NRE) 8.0.19
Oracle Java SE 22.3.4 Oracle / Java SE	`cpe:/a:oracle:java_se:22.3.4`	22.3.4
Oracle Java SE 11.0.21 Oracle / Java SE	`cpe:/a:oracle:java_se:11.0.21`	11.0.21
Oracle Java SE 21.3.8 Oracle / Java SE	`cpe:/a:oracle:java_se:21.3.8`	21.3.8
IBM AIX 7.2 IBM / AIX	`cpe:/o:ibm:aix:7.2`	7.2
Oracle Java SE 17.0.9 Oracle / Java SE	`cpe:/a:oracle:java_se:17.0.9`	17.0.9
IBM VIOS 3.1 IBM / VIOS	`cpe:/a:ibm:vios:3.1`	3.1
IBM VIOS 4.1 IBM / VIOS	`cpe:/a:ibm:vios:4.1`	4.1
IBM Storage Scale 5.1.0.0-5.1.9.2 IBM / Storage Scale	`cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2`	5.1.0.0-5.1.9.2
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
IBM Java <7.1.5.21 IBM / Java		<7.1.5.21
IBM Java <8.0.8.20 IBM / Java		<8.0.8.20
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
Kyocera Printer Kyocera	`cpe:/h:kyocera:printer:-`	—
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM InfoSphere Information Server 11.7 IBM / InfoSphere Information Server	`cpe:/a:ibm:infosphere_information_server:11.7`	11.7
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
IBM Tivoli Netcool/OMNIbus IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:-`	—
IBM Tivoli Key Lifecycle Manager IBM	`cpe:/a:ibm:tivoli_key_lifecycle_manager:-`	—
IBM WebSphere Service Registry and Repository 8.5 IBM / WebSphere Service Registry and Repository	`cpe:/a:ibm:websphere_service_registry_and_repository:8.5`	8.5
IBM DB2 11.5 IBM / DB2	`cpe:/a:ibm:db2:11.5`	11.5
IBM TXSeries for multiplatforms_8.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.1`	for multiplatforms_8.1
IBM DB2 11.1 IBM / DB2	`cpe:/a:ibm:db2:11.1`	11.1
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM TXSeries for multiplatforms_8.2 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.2`	for multiplatforms_8.2
Oracle Java SE 21.0.1 Oracle / Java SE	`cpe:/a:oracle:java_se:21.0.1`	21.0.1
IBM TXSeries for multiplatforms_9.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_9.1`	for multiplatforms_9.1
Oracle GraalVM Enterprise Edition 21.3.8 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.3.8::enterprise_edition`	Enterprise Edition 21.3.8
IBM Security Guardium 11.3 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:11.3`	11.3
IBM Business Automation Workflow <23.0.2-IF003 IBM / Business Automation Workflow		<23.0.2-IF003
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM Rational Business Developer 9.1 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.1`	9.1
IBM InfoSphere Identity Insight 10.0.0.0 IBM / InfoSphere Identity Insight	`cpe:/a:ibm:infosphere_identity_insight:10.0.0.0`	10.0.0.0
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM Tivoli Netcool/OMNIbus 8.1.0 IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0`	8.1.0
Dell NetWorker virtual Dell / NetWorker	`cpe:/a:dell:networker:virtual`	virtual
Dell ECS <3.8.1.1 Dell / ECS		<3.8.1.1
Oracle GraalVM for JDK 21.0.1 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.0.1::for_jdk`	for JDK 21.0.1
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
Oracle Java SE 8u391 Oracle / Java SE	`cpe:/a:oracle:java_se:8u391`	8u391
Oracle GraalVM for JDK 17.0.9 Oracle / GraalVM	`cpe:/a:oracle:graalvm:17.0.9::for_jdk`	for JDK 17.0.9
Oracle GraalVM Enterprise Edition 20.3.12 Oracle / GraalVM	`cpe:/a:oracle:graalvm:20.3.12::enterprise_edition`	Enterprise Edition 20.3.12
IBM App Connect Enterprise <12.0.11.2 IBM / App Connect Enterprise		<12.0.11.2
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7 IBM / Tivoli Monitoring		for Virtual Environments Base <7.3.7
Hitachi Configuration Manager Hitachi	`cpe:/a:hitachi:configuration_manager:-`	—
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
HCL BigFix Compliance <2.0.11 HCL / BigFix		Compliance <2.0.11
IBM Tivoli Monitoring 6.3.0.7 IBM / Tivoli Monitoring	`cpe:/a:ibm:tivoli_monitoring:6.3.0.7`	6.3.0.7
IBM MQ IBM / MQ	`cpe:/a:ibm:mq:-`	—
IBM Power Hardware Management Console v10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	v10
IBM MQ <9.3.5.1 IBM / MQ		<9.3.5.1
Amazon Corretto <8.402.08.1 Amazon / Corretto		<8.402.08.1
IBM Tivoli Network Manager <4.2.0.19 IBM / Tivoli Network Manager		<4.2.0.19
IBM Tivoli Netcool/OMNIbus <8.1.0.32 IBM / Tivoli Netcool/OMNIbus		<8.1.0.32
IBM MQ <9.1.0.21 IBM / MQ		<9.1.0.21
IBM MQ <9.0.0.24 IBM / MQ		<9.0.0.24
IBM DB2 10.5 IBM / DB2	`cpe:/a:ibm:db2:10.5`	10.5
IBM Security Guardium 10.6 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:10.6`	10.6
IBM App Connect Enterprise <=11.0.0.24 IBM / App Connect Enterprise		<=11.0.0.24
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Amazon Corretto <8.442.06.1 Amazon / Corretto		<8.442.06.1
Amazon Corretto <11.0.26.4.1 Amazon / Corretto		<11.0.26.4.1
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2`	8.2.2
Broadcom Brocade SANnav Broadcom	`cpe:/a:broadcom:brocade_sannav:-`	—
IBM Business Automation Workflow <21.0.3-IF031 IBM / Business Automation Workflow		<21.0.3-IF031
Open Source CentOS Open Source	`cpe:/o:centos:centos:-`	—

CVE-2024-20919

Affected products

Known affected 89 products

Product	Identifier	Version
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1`	8.2.1
Dell NetWorker Runtime Environment <8.0.20 Dell / NetWorker		Runtime Environment <8.0.20
Hitachi Command Suite Hitachi	`cpe:/a:hitachi:command_suite:-`	—
IBM Storage Insights IBM	`cpe:/a:ibm:storage_insights:-`	—
IBM MQ <9.2.0.25 IBM / MQ		<9.2.0.25
Amazon Corretto <8.402.06.1 Amazon / Corretto		<8.402.06.1
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
IBM WebSphere Application Server 8.5 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:8.5`	8.5
IBM Rational Business Developer 9.6 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.6`	9.6
IBM WebSphere Application Server 9.0 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:9.0`	9
SolarWinds Security Event Manager <2024.2 SolarWinds / Security Event Manager		<2024.2
IBM MQ <9.3.0.17 IBM / MQ		<9.3.0.17
IBM AIX 7.3 IBM / AIX	`cpe:/o:ibm:aix:7.3`	7.3
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
Amazon Corretto 11.0.22.7.1 Amazon / Corretto	`cpe:/a:amazon:corretto:11.0.22.7.1`	11.0.22.7.1
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM Rational Business Developer 9.7 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.7`	9.7
Dell NetWorker Runtime Environment (NRE) 8.0.19 Dell / NetWorker	`cpe:/a:dell:networker:runtime_environment_8.0.19`	Runtime Environment (NRE) 8.0.19
Oracle Java SE 22.3.4 Oracle / Java SE	`cpe:/a:oracle:java_se:22.3.4`	22.3.4
Oracle Java SE 11.0.21 Oracle / Java SE	`cpe:/a:oracle:java_se:11.0.21`	11.0.21
Oracle Java SE 21.3.8 Oracle / Java SE	`cpe:/a:oracle:java_se:21.3.8`	21.3.8
IBM AIX 7.2 IBM / AIX	`cpe:/o:ibm:aix:7.2`	7.2
Oracle Java SE 17.0.9 Oracle / Java SE	`cpe:/a:oracle:java_se:17.0.9`	17.0.9
IBM VIOS 3.1 IBM / VIOS	`cpe:/a:ibm:vios:3.1`	3.1
IBM VIOS 4.1 IBM / VIOS	`cpe:/a:ibm:vios:4.1`	4.1
IBM Storage Scale 5.1.0.0-5.1.9.2 IBM / Storage Scale	`cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2`	5.1.0.0-5.1.9.2
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
IBM Java <7.1.5.21 IBM / Java		<7.1.5.21
IBM Java <8.0.8.20 IBM / Java		<8.0.8.20
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
Kyocera Printer Kyocera	`cpe:/h:kyocera:printer:-`	—
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM InfoSphere Information Server 11.7 IBM / InfoSphere Information Server	`cpe:/a:ibm:infosphere_information_server:11.7`	11.7
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
IBM Tivoli Netcool/OMNIbus IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:-`	—
IBM Tivoli Key Lifecycle Manager IBM	`cpe:/a:ibm:tivoli_key_lifecycle_manager:-`	—
IBM WebSphere Service Registry and Repository 8.5 IBM / WebSphere Service Registry and Repository	`cpe:/a:ibm:websphere_service_registry_and_repository:8.5`	8.5
IBM DB2 11.5 IBM / DB2	`cpe:/a:ibm:db2:11.5`	11.5
IBM TXSeries for multiplatforms_8.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.1`	for multiplatforms_8.1
IBM DB2 11.1 IBM / DB2	`cpe:/a:ibm:db2:11.1`	11.1
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM TXSeries for multiplatforms_8.2 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.2`	for multiplatforms_8.2
Oracle Java SE 21.0.1 Oracle / Java SE	`cpe:/a:oracle:java_se:21.0.1`	21.0.1
IBM TXSeries for multiplatforms_9.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_9.1`	for multiplatforms_9.1
Oracle GraalVM Enterprise Edition 21.3.8 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.3.8::enterprise_edition`	Enterprise Edition 21.3.8
IBM Security Guardium 11.3 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:11.3`	11.3
IBM Business Automation Workflow <23.0.2-IF003 IBM / Business Automation Workflow		<23.0.2-IF003
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM Rational Business Developer 9.1 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.1`	9.1
IBM InfoSphere Identity Insight 10.0.0.0 IBM / InfoSphere Identity Insight	`cpe:/a:ibm:infosphere_identity_insight:10.0.0.0`	10.0.0.0
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM Tivoli Netcool/OMNIbus 8.1.0 IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0`	8.1.0
Dell NetWorker virtual Dell / NetWorker	`cpe:/a:dell:networker:virtual`	virtual
Dell ECS <3.8.1.1 Dell / ECS		<3.8.1.1
Oracle GraalVM for JDK 21.0.1 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.0.1::for_jdk`	for JDK 21.0.1
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
Oracle Java SE 8u391 Oracle / Java SE	`cpe:/a:oracle:java_se:8u391`	8u391
Oracle GraalVM for JDK 17.0.9 Oracle / GraalVM	`cpe:/a:oracle:graalvm:17.0.9::for_jdk`	for JDK 17.0.9
Oracle GraalVM Enterprise Edition 20.3.12 Oracle / GraalVM	`cpe:/a:oracle:graalvm:20.3.12::enterprise_edition`	Enterprise Edition 20.3.12
IBM App Connect Enterprise <12.0.11.2 IBM / App Connect Enterprise		<12.0.11.2
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7 IBM / Tivoli Monitoring		for Virtual Environments Base <7.3.7
Hitachi Configuration Manager Hitachi	`cpe:/a:hitachi:configuration_manager:-`	—
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
HCL BigFix Compliance <2.0.11 HCL / BigFix		Compliance <2.0.11
IBM Tivoli Monitoring 6.3.0.7 IBM / Tivoli Monitoring	`cpe:/a:ibm:tivoli_monitoring:6.3.0.7`	6.3.0.7
IBM MQ IBM / MQ	`cpe:/a:ibm:mq:-`	—
IBM Power Hardware Management Console v10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	v10
IBM MQ <9.3.5.1 IBM / MQ		<9.3.5.1
Amazon Corretto <8.402.08.1 Amazon / Corretto		<8.402.08.1
IBM Tivoli Network Manager <4.2.0.19 IBM / Tivoli Network Manager		<4.2.0.19
IBM Tivoli Netcool/OMNIbus <8.1.0.32 IBM / Tivoli Netcool/OMNIbus		<8.1.0.32
IBM MQ <9.1.0.21 IBM / MQ		<9.1.0.21
IBM MQ <9.0.0.24 IBM / MQ		<9.0.0.24
IBM DB2 10.5 IBM / DB2	`cpe:/a:ibm:db2:10.5`	10.5
IBM Security Guardium 10.6 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:10.6`	10.6
IBM App Connect Enterprise <=11.0.0.24 IBM / App Connect Enterprise		<=11.0.0.24
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Amazon Corretto <8.442.06.1 Amazon / Corretto		<8.442.06.1
Amazon Corretto <11.0.26.4.1 Amazon / Corretto		<11.0.26.4.1
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2`	8.2.2
Broadcom Brocade SANnav Broadcom	`cpe:/a:broadcom:brocade_sannav:-`	—
IBM Business Automation Workflow <21.0.3-IF031 IBM / Business Automation Workflow		<21.0.3-IF031
Open Source CentOS Open Source	`cpe:/o:centos:centos:-`	—

CVE-2024-20921

Affected products

Known affected 89 products

Product	Identifier	Version
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1`	8.2.1
Dell NetWorker Runtime Environment <8.0.20 Dell / NetWorker		Runtime Environment <8.0.20
Hitachi Command Suite Hitachi	`cpe:/a:hitachi:command_suite:-`	—
IBM Storage Insights IBM	`cpe:/a:ibm:storage_insights:-`	—
IBM MQ <9.2.0.25 IBM / MQ		<9.2.0.25
Amazon Corretto <8.402.06.1 Amazon / Corretto		<8.402.06.1
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
IBM WebSphere Application Server 8.5 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:8.5`	8.5
IBM Rational Business Developer 9.6 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.6`	9.6
IBM WebSphere Application Server 9.0 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:9.0`	9
SolarWinds Security Event Manager <2024.2 SolarWinds / Security Event Manager		<2024.2
IBM MQ <9.3.0.17 IBM / MQ		<9.3.0.17
IBM AIX 7.3 IBM / AIX	`cpe:/o:ibm:aix:7.3`	7.3
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
Amazon Corretto 11.0.22.7.1 Amazon / Corretto	`cpe:/a:amazon:corretto:11.0.22.7.1`	11.0.22.7.1
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM Rational Business Developer 9.7 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.7`	9.7
Dell NetWorker Runtime Environment (NRE) 8.0.19 Dell / NetWorker	`cpe:/a:dell:networker:runtime_environment_8.0.19`	Runtime Environment (NRE) 8.0.19
Oracle Java SE 22.3.4 Oracle / Java SE	`cpe:/a:oracle:java_se:22.3.4`	22.3.4
Oracle Java SE 11.0.21 Oracle / Java SE	`cpe:/a:oracle:java_se:11.0.21`	11.0.21
Oracle Java SE 21.3.8 Oracle / Java SE	`cpe:/a:oracle:java_se:21.3.8`	21.3.8
IBM AIX 7.2 IBM / AIX	`cpe:/o:ibm:aix:7.2`	7.2
Oracle Java SE 17.0.9 Oracle / Java SE	`cpe:/a:oracle:java_se:17.0.9`	17.0.9
IBM VIOS 3.1 IBM / VIOS	`cpe:/a:ibm:vios:3.1`	3.1
IBM VIOS 4.1 IBM / VIOS	`cpe:/a:ibm:vios:4.1`	4.1
IBM Storage Scale 5.1.0.0-5.1.9.2 IBM / Storage Scale	`cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2`	5.1.0.0-5.1.9.2
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
IBM Java <7.1.5.21 IBM / Java		<7.1.5.21
IBM Java <8.0.8.20 IBM / Java		<8.0.8.20
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
Kyocera Printer Kyocera	`cpe:/h:kyocera:printer:-`	—
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM InfoSphere Information Server 11.7 IBM / InfoSphere Information Server	`cpe:/a:ibm:infosphere_information_server:11.7`	11.7
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
IBM Tivoli Netcool/OMNIbus IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:-`	—
IBM Tivoli Key Lifecycle Manager IBM	`cpe:/a:ibm:tivoli_key_lifecycle_manager:-`	—
IBM WebSphere Service Registry and Repository 8.5 IBM / WebSphere Service Registry and Repository	`cpe:/a:ibm:websphere_service_registry_and_repository:8.5`	8.5
IBM DB2 11.5 IBM / DB2	`cpe:/a:ibm:db2:11.5`	11.5
IBM TXSeries for multiplatforms_8.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.1`	for multiplatforms_8.1
IBM DB2 11.1 IBM / DB2	`cpe:/a:ibm:db2:11.1`	11.1
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM TXSeries for multiplatforms_8.2 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.2`	for multiplatforms_8.2
Oracle Java SE 21.0.1 Oracle / Java SE	`cpe:/a:oracle:java_se:21.0.1`	21.0.1
IBM TXSeries for multiplatforms_9.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_9.1`	for multiplatforms_9.1
Oracle GraalVM Enterprise Edition 21.3.8 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.3.8::enterprise_edition`	Enterprise Edition 21.3.8
IBM Security Guardium 11.3 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:11.3`	11.3
IBM Business Automation Workflow <23.0.2-IF003 IBM / Business Automation Workflow		<23.0.2-IF003
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM Rational Business Developer 9.1 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.1`	9.1
IBM InfoSphere Identity Insight 10.0.0.0 IBM / InfoSphere Identity Insight	`cpe:/a:ibm:infosphere_identity_insight:10.0.0.0`	10.0.0.0
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM Tivoli Netcool/OMNIbus 8.1.0 IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0`	8.1.0
Dell NetWorker virtual Dell / NetWorker	`cpe:/a:dell:networker:virtual`	virtual
Dell ECS <3.8.1.1 Dell / ECS		<3.8.1.1
Oracle GraalVM for JDK 21.0.1 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.0.1::for_jdk`	for JDK 21.0.1
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
Oracle Java SE 8u391 Oracle / Java SE	`cpe:/a:oracle:java_se:8u391`	8u391
Oracle GraalVM for JDK 17.0.9 Oracle / GraalVM	`cpe:/a:oracle:graalvm:17.0.9::for_jdk`	for JDK 17.0.9
Oracle GraalVM Enterprise Edition 20.3.12 Oracle / GraalVM	`cpe:/a:oracle:graalvm:20.3.12::enterprise_edition`	Enterprise Edition 20.3.12
IBM App Connect Enterprise <12.0.11.2 IBM / App Connect Enterprise		<12.0.11.2
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7 IBM / Tivoli Monitoring		for Virtual Environments Base <7.3.7
Hitachi Configuration Manager Hitachi	`cpe:/a:hitachi:configuration_manager:-`	—
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
HCL BigFix Compliance <2.0.11 HCL / BigFix		Compliance <2.0.11
IBM Tivoli Monitoring 6.3.0.7 IBM / Tivoli Monitoring	`cpe:/a:ibm:tivoli_monitoring:6.3.0.7`	6.3.0.7
IBM MQ IBM / MQ	`cpe:/a:ibm:mq:-`	—
IBM Power Hardware Management Console v10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	v10
IBM MQ <9.3.5.1 IBM / MQ		<9.3.5.1
Amazon Corretto <8.402.08.1 Amazon / Corretto		<8.402.08.1
IBM Tivoli Network Manager <4.2.0.19 IBM / Tivoli Network Manager		<4.2.0.19
IBM Tivoli Netcool/OMNIbus <8.1.0.32 IBM / Tivoli Netcool/OMNIbus		<8.1.0.32
IBM MQ <9.1.0.21 IBM / MQ		<9.1.0.21
IBM MQ <9.0.0.24 IBM / MQ		<9.0.0.24
IBM DB2 10.5 IBM / DB2	`cpe:/a:ibm:db2:10.5`	10.5
IBM Security Guardium 10.6 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:10.6`	10.6
IBM App Connect Enterprise <=11.0.0.24 IBM / App Connect Enterprise		<=11.0.0.24
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Amazon Corretto <8.442.06.1 Amazon / Corretto		<8.442.06.1
Amazon Corretto <11.0.26.4.1 Amazon / Corretto		<11.0.26.4.1
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2`	8.2.2
Broadcom Brocade SANnav Broadcom	`cpe:/a:broadcom:brocade_sannav:-`	—
IBM Business Automation Workflow <21.0.3-IF031 IBM / Business Automation Workflow		<21.0.3-IF031
Open Source CentOS Open Source	`cpe:/o:centos:centos:-`	—

CVE-2024-20922

Affected products

Known affected 89 products

Product	Identifier	Version
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1`	8.2.1
Dell NetWorker Runtime Environment <8.0.20 Dell / NetWorker		Runtime Environment <8.0.20
Hitachi Command Suite Hitachi	`cpe:/a:hitachi:command_suite:-`	—
IBM Storage Insights IBM	`cpe:/a:ibm:storage_insights:-`	—
IBM MQ <9.2.0.25 IBM / MQ		<9.2.0.25
Amazon Corretto <8.402.06.1 Amazon / Corretto		<8.402.06.1
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
IBM WebSphere Application Server 8.5 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:8.5`	8.5
IBM Rational Business Developer 9.6 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.6`	9.6
IBM WebSphere Application Server 9.0 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:9.0`	9
SolarWinds Security Event Manager <2024.2 SolarWinds / Security Event Manager		<2024.2
IBM MQ <9.3.0.17 IBM / MQ		<9.3.0.17
IBM AIX 7.3 IBM / AIX	`cpe:/o:ibm:aix:7.3`	7.3
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
Amazon Corretto 11.0.22.7.1 Amazon / Corretto	`cpe:/a:amazon:corretto:11.0.22.7.1`	11.0.22.7.1
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM Rational Business Developer 9.7 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.7`	9.7
Dell NetWorker Runtime Environment (NRE) 8.0.19 Dell / NetWorker	`cpe:/a:dell:networker:runtime_environment_8.0.19`	Runtime Environment (NRE) 8.0.19
Oracle Java SE 22.3.4 Oracle / Java SE	`cpe:/a:oracle:java_se:22.3.4`	22.3.4
Oracle Java SE 11.0.21 Oracle / Java SE	`cpe:/a:oracle:java_se:11.0.21`	11.0.21
Oracle Java SE 21.3.8 Oracle / Java SE	`cpe:/a:oracle:java_se:21.3.8`	21.3.8
IBM AIX 7.2 IBM / AIX	`cpe:/o:ibm:aix:7.2`	7.2
Oracle Java SE 17.0.9 Oracle / Java SE	`cpe:/a:oracle:java_se:17.0.9`	17.0.9
IBM VIOS 3.1 IBM / VIOS	`cpe:/a:ibm:vios:3.1`	3.1
IBM VIOS 4.1 IBM / VIOS	`cpe:/a:ibm:vios:4.1`	4.1
IBM Storage Scale 5.1.0.0-5.1.9.2 IBM / Storage Scale	`cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2`	5.1.0.0-5.1.9.2
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
IBM Java <7.1.5.21 IBM / Java		<7.1.5.21
IBM Java <8.0.8.20 IBM / Java		<8.0.8.20
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
Kyocera Printer Kyocera	`cpe:/h:kyocera:printer:-`	—
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM InfoSphere Information Server 11.7 IBM / InfoSphere Information Server	`cpe:/a:ibm:infosphere_information_server:11.7`	11.7
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
IBM Tivoli Netcool/OMNIbus IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:-`	—
IBM Tivoli Key Lifecycle Manager IBM	`cpe:/a:ibm:tivoli_key_lifecycle_manager:-`	—
IBM WebSphere Service Registry and Repository 8.5 IBM / WebSphere Service Registry and Repository	`cpe:/a:ibm:websphere_service_registry_and_repository:8.5`	8.5
IBM DB2 11.5 IBM / DB2	`cpe:/a:ibm:db2:11.5`	11.5
IBM TXSeries for multiplatforms_8.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.1`	for multiplatforms_8.1
IBM DB2 11.1 IBM / DB2	`cpe:/a:ibm:db2:11.1`	11.1
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM TXSeries for multiplatforms_8.2 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.2`	for multiplatforms_8.2
Oracle Java SE 21.0.1 Oracle / Java SE	`cpe:/a:oracle:java_se:21.0.1`	21.0.1
IBM TXSeries for multiplatforms_9.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_9.1`	for multiplatforms_9.1
Oracle GraalVM Enterprise Edition 21.3.8 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.3.8::enterprise_edition`	Enterprise Edition 21.3.8
IBM Security Guardium 11.3 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:11.3`	11.3
IBM Business Automation Workflow <23.0.2-IF003 IBM / Business Automation Workflow		<23.0.2-IF003
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM Rational Business Developer 9.1 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.1`	9.1
IBM InfoSphere Identity Insight 10.0.0.0 IBM / InfoSphere Identity Insight	`cpe:/a:ibm:infosphere_identity_insight:10.0.0.0`	10.0.0.0
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM Tivoli Netcool/OMNIbus 8.1.0 IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0`	8.1.0
Dell NetWorker virtual Dell / NetWorker	`cpe:/a:dell:networker:virtual`	virtual
Dell ECS <3.8.1.1 Dell / ECS		<3.8.1.1
Oracle GraalVM for JDK 21.0.1 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.0.1::for_jdk`	for JDK 21.0.1
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
Oracle Java SE 8u391 Oracle / Java SE	`cpe:/a:oracle:java_se:8u391`	8u391
Oracle GraalVM for JDK 17.0.9 Oracle / GraalVM	`cpe:/a:oracle:graalvm:17.0.9::for_jdk`	for JDK 17.0.9
Oracle GraalVM Enterprise Edition 20.3.12 Oracle / GraalVM	`cpe:/a:oracle:graalvm:20.3.12::enterprise_edition`	Enterprise Edition 20.3.12
IBM App Connect Enterprise <12.0.11.2 IBM / App Connect Enterprise		<12.0.11.2
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7 IBM / Tivoli Monitoring		for Virtual Environments Base <7.3.7
Hitachi Configuration Manager Hitachi	`cpe:/a:hitachi:configuration_manager:-`	—
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
HCL BigFix Compliance <2.0.11 HCL / BigFix		Compliance <2.0.11
IBM Tivoli Monitoring 6.3.0.7 IBM / Tivoli Monitoring	`cpe:/a:ibm:tivoli_monitoring:6.3.0.7`	6.3.0.7
IBM MQ IBM / MQ	`cpe:/a:ibm:mq:-`	—
IBM Power Hardware Management Console v10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	v10
IBM MQ <9.3.5.1 IBM / MQ		<9.3.5.1
Amazon Corretto <8.402.08.1 Amazon / Corretto		<8.402.08.1
IBM Tivoli Network Manager <4.2.0.19 IBM / Tivoli Network Manager		<4.2.0.19
IBM Tivoli Netcool/OMNIbus <8.1.0.32 IBM / Tivoli Netcool/OMNIbus		<8.1.0.32
IBM MQ <9.1.0.21 IBM / MQ		<9.1.0.21
IBM MQ <9.0.0.24 IBM / MQ		<9.0.0.24
IBM DB2 10.5 IBM / DB2	`cpe:/a:ibm:db2:10.5`	10.5
IBM Security Guardium 10.6 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:10.6`	10.6
IBM App Connect Enterprise <=11.0.0.24 IBM / App Connect Enterprise		<=11.0.0.24
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Amazon Corretto <8.442.06.1 Amazon / Corretto		<8.442.06.1
Amazon Corretto <11.0.26.4.1 Amazon / Corretto		<11.0.26.4.1
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2`	8.2.2
Broadcom Brocade SANnav Broadcom	`cpe:/a:broadcom:brocade_sannav:-`	—
IBM Business Automation Workflow <21.0.3-IF031 IBM / Business Automation Workflow		<21.0.3-IF031
Open Source CentOS Open Source	`cpe:/o:centos:centos:-`	—

CVE-2024-20923

Affected products

Known affected 89 products

Product	Identifier	Version
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1`	8.2.1
Dell NetWorker Runtime Environment <8.0.20 Dell / NetWorker		Runtime Environment <8.0.20
Hitachi Command Suite Hitachi	`cpe:/a:hitachi:command_suite:-`	—
IBM Storage Insights IBM	`cpe:/a:ibm:storage_insights:-`	—
IBM MQ <9.2.0.25 IBM / MQ		<9.2.0.25
Amazon Corretto <8.402.06.1 Amazon / Corretto		<8.402.06.1
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
IBM WebSphere Application Server 8.5 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:8.5`	8.5
IBM Rational Business Developer 9.6 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.6`	9.6
IBM WebSphere Application Server 9.0 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:9.0`	9
SolarWinds Security Event Manager <2024.2 SolarWinds / Security Event Manager		<2024.2
IBM MQ <9.3.0.17 IBM / MQ		<9.3.0.17
IBM AIX 7.3 IBM / AIX	`cpe:/o:ibm:aix:7.3`	7.3
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
Amazon Corretto 11.0.22.7.1 Amazon / Corretto	`cpe:/a:amazon:corretto:11.0.22.7.1`	11.0.22.7.1
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM Rational Business Developer 9.7 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.7`	9.7
Dell NetWorker Runtime Environment (NRE) 8.0.19 Dell / NetWorker	`cpe:/a:dell:networker:runtime_environment_8.0.19`	Runtime Environment (NRE) 8.0.19
Oracle Java SE 22.3.4 Oracle / Java SE	`cpe:/a:oracle:java_se:22.3.4`	22.3.4
Oracle Java SE 11.0.21 Oracle / Java SE	`cpe:/a:oracle:java_se:11.0.21`	11.0.21
Oracle Java SE 21.3.8 Oracle / Java SE	`cpe:/a:oracle:java_se:21.3.8`	21.3.8
IBM AIX 7.2 IBM / AIX	`cpe:/o:ibm:aix:7.2`	7.2
Oracle Java SE 17.0.9 Oracle / Java SE	`cpe:/a:oracle:java_se:17.0.9`	17.0.9
IBM VIOS 3.1 IBM / VIOS	`cpe:/a:ibm:vios:3.1`	3.1
IBM VIOS 4.1 IBM / VIOS	`cpe:/a:ibm:vios:4.1`	4.1
IBM Storage Scale 5.1.0.0-5.1.9.2 IBM / Storage Scale	`cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2`	5.1.0.0-5.1.9.2
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
IBM Java <7.1.5.21 IBM / Java		<7.1.5.21
IBM Java <8.0.8.20 IBM / Java		<8.0.8.20
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
Kyocera Printer Kyocera	`cpe:/h:kyocera:printer:-`	—
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM InfoSphere Information Server 11.7 IBM / InfoSphere Information Server	`cpe:/a:ibm:infosphere_information_server:11.7`	11.7
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
IBM Tivoli Netcool/OMNIbus IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:-`	—
IBM Tivoli Key Lifecycle Manager IBM	`cpe:/a:ibm:tivoli_key_lifecycle_manager:-`	—
IBM WebSphere Service Registry and Repository 8.5 IBM / WebSphere Service Registry and Repository	`cpe:/a:ibm:websphere_service_registry_and_repository:8.5`	8.5
IBM DB2 11.5 IBM / DB2	`cpe:/a:ibm:db2:11.5`	11.5
IBM TXSeries for multiplatforms_8.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.1`	for multiplatforms_8.1
IBM DB2 11.1 IBM / DB2	`cpe:/a:ibm:db2:11.1`	11.1
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM TXSeries for multiplatforms_8.2 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.2`	for multiplatforms_8.2
Oracle Java SE 21.0.1 Oracle / Java SE	`cpe:/a:oracle:java_se:21.0.1`	21.0.1
IBM TXSeries for multiplatforms_9.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_9.1`	for multiplatforms_9.1
Oracle GraalVM Enterprise Edition 21.3.8 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.3.8::enterprise_edition`	Enterprise Edition 21.3.8
IBM Security Guardium 11.3 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:11.3`	11.3
IBM Business Automation Workflow <23.0.2-IF003 IBM / Business Automation Workflow		<23.0.2-IF003
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM Rational Business Developer 9.1 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.1`	9.1
IBM InfoSphere Identity Insight 10.0.0.0 IBM / InfoSphere Identity Insight	`cpe:/a:ibm:infosphere_identity_insight:10.0.0.0`	10.0.0.0
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM Tivoli Netcool/OMNIbus 8.1.0 IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0`	8.1.0
Dell NetWorker virtual Dell / NetWorker	`cpe:/a:dell:networker:virtual`	virtual
Dell ECS <3.8.1.1 Dell / ECS		<3.8.1.1
Oracle GraalVM for JDK 21.0.1 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.0.1::for_jdk`	for JDK 21.0.1
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
Oracle Java SE 8u391 Oracle / Java SE	`cpe:/a:oracle:java_se:8u391`	8u391
Oracle GraalVM for JDK 17.0.9 Oracle / GraalVM	`cpe:/a:oracle:graalvm:17.0.9::for_jdk`	for JDK 17.0.9
Oracle GraalVM Enterprise Edition 20.3.12 Oracle / GraalVM	`cpe:/a:oracle:graalvm:20.3.12::enterprise_edition`	Enterprise Edition 20.3.12
IBM App Connect Enterprise <12.0.11.2 IBM / App Connect Enterprise		<12.0.11.2
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7 IBM / Tivoli Monitoring		for Virtual Environments Base <7.3.7
Hitachi Configuration Manager Hitachi	`cpe:/a:hitachi:configuration_manager:-`	—
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
HCL BigFix Compliance <2.0.11 HCL / BigFix		Compliance <2.0.11
IBM Tivoli Monitoring 6.3.0.7 IBM / Tivoli Monitoring	`cpe:/a:ibm:tivoli_monitoring:6.3.0.7`	6.3.0.7
IBM MQ IBM / MQ	`cpe:/a:ibm:mq:-`	—
IBM Power Hardware Management Console v10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	v10
IBM MQ <9.3.5.1 IBM / MQ		<9.3.5.1
Amazon Corretto <8.402.08.1 Amazon / Corretto		<8.402.08.1
IBM Tivoli Network Manager <4.2.0.19 IBM / Tivoli Network Manager		<4.2.0.19
IBM Tivoli Netcool/OMNIbus <8.1.0.32 IBM / Tivoli Netcool/OMNIbus		<8.1.0.32
IBM MQ <9.1.0.21 IBM / MQ		<9.1.0.21
IBM MQ <9.0.0.24 IBM / MQ		<9.0.0.24
IBM DB2 10.5 IBM / DB2	`cpe:/a:ibm:db2:10.5`	10.5
IBM Security Guardium 10.6 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:10.6`	10.6
IBM App Connect Enterprise <=11.0.0.24 IBM / App Connect Enterprise		<=11.0.0.24
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Amazon Corretto <8.442.06.1 Amazon / Corretto		<8.442.06.1
Amazon Corretto <11.0.26.4.1 Amazon / Corretto		<11.0.26.4.1
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2`	8.2.2
Broadcom Brocade SANnav Broadcom	`cpe:/a:broadcom:brocade_sannav:-`	—
IBM Business Automation Workflow <21.0.3-IF031 IBM / Business Automation Workflow		<21.0.3-IF031
Open Source CentOS Open Source	`cpe:/o:centos:centos:-`	—

CVE-2024-20925

Affected products

Known affected 89 products

Product	Identifier	Version
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1`	8.2.1
Dell NetWorker Runtime Environment <8.0.20 Dell / NetWorker		Runtime Environment <8.0.20
Hitachi Command Suite Hitachi	`cpe:/a:hitachi:command_suite:-`	—
IBM Storage Insights IBM	`cpe:/a:ibm:storage_insights:-`	—
IBM MQ <9.2.0.25 IBM / MQ		<9.2.0.25
Amazon Corretto <8.402.06.1 Amazon / Corretto		<8.402.06.1
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
IBM WebSphere Application Server 8.5 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:8.5`	8.5
IBM Rational Business Developer 9.6 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.6`	9.6
IBM WebSphere Application Server 9.0 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:9.0`	9
SolarWinds Security Event Manager <2024.2 SolarWinds / Security Event Manager		<2024.2
IBM MQ <9.3.0.17 IBM / MQ		<9.3.0.17
IBM AIX 7.3 IBM / AIX	`cpe:/o:ibm:aix:7.3`	7.3
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
Amazon Corretto 11.0.22.7.1 Amazon / Corretto	`cpe:/a:amazon:corretto:11.0.22.7.1`	11.0.22.7.1
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM Rational Business Developer 9.7 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.7`	9.7
Dell NetWorker Runtime Environment (NRE) 8.0.19 Dell / NetWorker	`cpe:/a:dell:networker:runtime_environment_8.0.19`	Runtime Environment (NRE) 8.0.19
Oracle Java SE 22.3.4 Oracle / Java SE	`cpe:/a:oracle:java_se:22.3.4`	22.3.4
Oracle Java SE 11.0.21 Oracle / Java SE	`cpe:/a:oracle:java_se:11.0.21`	11.0.21
Oracle Java SE 21.3.8 Oracle / Java SE	`cpe:/a:oracle:java_se:21.3.8`	21.3.8
IBM AIX 7.2 IBM / AIX	`cpe:/o:ibm:aix:7.2`	7.2
Oracle Java SE 17.0.9 Oracle / Java SE	`cpe:/a:oracle:java_se:17.0.9`	17.0.9
IBM VIOS 3.1 IBM / VIOS	`cpe:/a:ibm:vios:3.1`	3.1
IBM VIOS 4.1 IBM / VIOS	`cpe:/a:ibm:vios:4.1`	4.1
IBM Storage Scale 5.1.0.0-5.1.9.2 IBM / Storage Scale	`cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2`	5.1.0.0-5.1.9.2
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
IBM Java <7.1.5.21 IBM / Java		<7.1.5.21
IBM Java <8.0.8.20 IBM / Java		<8.0.8.20
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
Kyocera Printer Kyocera	`cpe:/h:kyocera:printer:-`	—
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM InfoSphere Information Server 11.7 IBM / InfoSphere Information Server	`cpe:/a:ibm:infosphere_information_server:11.7`	11.7
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
IBM Tivoli Netcool/OMNIbus IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:-`	—
IBM Tivoli Key Lifecycle Manager IBM	`cpe:/a:ibm:tivoli_key_lifecycle_manager:-`	—
IBM WebSphere Service Registry and Repository 8.5 IBM / WebSphere Service Registry and Repository	`cpe:/a:ibm:websphere_service_registry_and_repository:8.5`	8.5
IBM DB2 11.5 IBM / DB2	`cpe:/a:ibm:db2:11.5`	11.5
IBM TXSeries for multiplatforms_8.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.1`	for multiplatforms_8.1
IBM DB2 11.1 IBM / DB2	`cpe:/a:ibm:db2:11.1`	11.1
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM TXSeries for multiplatforms_8.2 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.2`	for multiplatforms_8.2
Oracle Java SE 21.0.1 Oracle / Java SE	`cpe:/a:oracle:java_se:21.0.1`	21.0.1
IBM TXSeries for multiplatforms_9.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_9.1`	for multiplatforms_9.1
Oracle GraalVM Enterprise Edition 21.3.8 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.3.8::enterprise_edition`	Enterprise Edition 21.3.8
IBM Security Guardium 11.3 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:11.3`	11.3
IBM Business Automation Workflow <23.0.2-IF003 IBM / Business Automation Workflow		<23.0.2-IF003
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM Rational Business Developer 9.1 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.1`	9.1
IBM InfoSphere Identity Insight 10.0.0.0 IBM / InfoSphere Identity Insight	`cpe:/a:ibm:infosphere_identity_insight:10.0.0.0`	10.0.0.0
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM Tivoli Netcool/OMNIbus 8.1.0 IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0`	8.1.0
Dell NetWorker virtual Dell / NetWorker	`cpe:/a:dell:networker:virtual`	virtual
Dell ECS <3.8.1.1 Dell / ECS		<3.8.1.1
Oracle GraalVM for JDK 21.0.1 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.0.1::for_jdk`	for JDK 21.0.1
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
Oracle Java SE 8u391 Oracle / Java SE	`cpe:/a:oracle:java_se:8u391`	8u391
Oracle GraalVM for JDK 17.0.9 Oracle / GraalVM	`cpe:/a:oracle:graalvm:17.0.9::for_jdk`	for JDK 17.0.9
Oracle GraalVM Enterprise Edition 20.3.12 Oracle / GraalVM	`cpe:/a:oracle:graalvm:20.3.12::enterprise_edition`	Enterprise Edition 20.3.12
IBM App Connect Enterprise <12.0.11.2 IBM / App Connect Enterprise		<12.0.11.2
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7 IBM / Tivoli Monitoring		for Virtual Environments Base <7.3.7
Hitachi Configuration Manager Hitachi	`cpe:/a:hitachi:configuration_manager:-`	—
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
HCL BigFix Compliance <2.0.11 HCL / BigFix		Compliance <2.0.11
IBM Tivoli Monitoring 6.3.0.7 IBM / Tivoli Monitoring	`cpe:/a:ibm:tivoli_monitoring:6.3.0.7`	6.3.0.7
IBM MQ IBM / MQ	`cpe:/a:ibm:mq:-`	—
IBM Power Hardware Management Console v10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	v10
IBM MQ <9.3.5.1 IBM / MQ		<9.3.5.1
Amazon Corretto <8.402.08.1 Amazon / Corretto		<8.402.08.1
IBM Tivoli Network Manager <4.2.0.19 IBM / Tivoli Network Manager		<4.2.0.19
IBM Tivoli Netcool/OMNIbus <8.1.0.32 IBM / Tivoli Netcool/OMNIbus		<8.1.0.32
IBM MQ <9.1.0.21 IBM / MQ		<9.1.0.21
IBM MQ <9.0.0.24 IBM / MQ		<9.0.0.24
IBM DB2 10.5 IBM / DB2	`cpe:/a:ibm:db2:10.5`	10.5
IBM Security Guardium 10.6 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:10.6`	10.6
IBM App Connect Enterprise <=11.0.0.24 IBM / App Connect Enterprise		<=11.0.0.24
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Amazon Corretto <8.442.06.1 Amazon / Corretto		<8.442.06.1
Amazon Corretto <11.0.26.4.1 Amazon / Corretto		<11.0.26.4.1
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2`	8.2.2
Broadcom Brocade SANnav Broadcom	`cpe:/a:broadcom:brocade_sannav:-`	—
IBM Business Automation Workflow <21.0.3-IF031 IBM / Business Automation Workflow		<21.0.3-IF031
Open Source CentOS Open Source	`cpe:/o:centos:centos:-`	—

CVE-2024-20926

Affected products

Known affected 89 products

Product	Identifier	Version
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1`	8.2.1
Dell NetWorker Runtime Environment <8.0.20 Dell / NetWorker		Runtime Environment <8.0.20
Hitachi Command Suite Hitachi	`cpe:/a:hitachi:command_suite:-`	—
IBM Storage Insights IBM	`cpe:/a:ibm:storage_insights:-`	—
IBM MQ <9.2.0.25 IBM / MQ		<9.2.0.25
Amazon Corretto <8.402.06.1 Amazon / Corretto		<8.402.06.1
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
IBM WebSphere Application Server 8.5 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:8.5`	8.5
IBM Rational Business Developer 9.6 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.6`	9.6
IBM WebSphere Application Server 9.0 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:9.0`	9
SolarWinds Security Event Manager <2024.2 SolarWinds / Security Event Manager		<2024.2
IBM MQ <9.3.0.17 IBM / MQ		<9.3.0.17
IBM AIX 7.3 IBM / AIX	`cpe:/o:ibm:aix:7.3`	7.3
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
Amazon Corretto 11.0.22.7.1 Amazon / Corretto	`cpe:/a:amazon:corretto:11.0.22.7.1`	11.0.22.7.1
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM Rational Business Developer 9.7 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.7`	9.7
Dell NetWorker Runtime Environment (NRE) 8.0.19 Dell / NetWorker	`cpe:/a:dell:networker:runtime_environment_8.0.19`	Runtime Environment (NRE) 8.0.19
Oracle Java SE 22.3.4 Oracle / Java SE	`cpe:/a:oracle:java_se:22.3.4`	22.3.4
Oracle Java SE 11.0.21 Oracle / Java SE	`cpe:/a:oracle:java_se:11.0.21`	11.0.21
Oracle Java SE 21.3.8 Oracle / Java SE	`cpe:/a:oracle:java_se:21.3.8`	21.3.8
IBM AIX 7.2 IBM / AIX	`cpe:/o:ibm:aix:7.2`	7.2
Oracle Java SE 17.0.9 Oracle / Java SE	`cpe:/a:oracle:java_se:17.0.9`	17.0.9
IBM VIOS 3.1 IBM / VIOS	`cpe:/a:ibm:vios:3.1`	3.1
IBM VIOS 4.1 IBM / VIOS	`cpe:/a:ibm:vios:4.1`	4.1
IBM Storage Scale 5.1.0.0-5.1.9.2 IBM / Storage Scale	`cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2`	5.1.0.0-5.1.9.2
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
IBM Java <7.1.5.21 IBM / Java		<7.1.5.21
IBM Java <8.0.8.20 IBM / Java		<8.0.8.20
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
Kyocera Printer Kyocera	`cpe:/h:kyocera:printer:-`	—
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM InfoSphere Information Server 11.7 IBM / InfoSphere Information Server	`cpe:/a:ibm:infosphere_information_server:11.7`	11.7
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
IBM Tivoli Netcool/OMNIbus IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:-`	—
IBM Tivoli Key Lifecycle Manager IBM	`cpe:/a:ibm:tivoli_key_lifecycle_manager:-`	—
IBM WebSphere Service Registry and Repository 8.5 IBM / WebSphere Service Registry and Repository	`cpe:/a:ibm:websphere_service_registry_and_repository:8.5`	8.5
IBM DB2 11.5 IBM / DB2	`cpe:/a:ibm:db2:11.5`	11.5
IBM TXSeries for multiplatforms_8.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.1`	for multiplatforms_8.1
IBM DB2 11.1 IBM / DB2	`cpe:/a:ibm:db2:11.1`	11.1
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM TXSeries for multiplatforms_8.2 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.2`	for multiplatforms_8.2
Oracle Java SE 21.0.1 Oracle / Java SE	`cpe:/a:oracle:java_se:21.0.1`	21.0.1
IBM TXSeries for multiplatforms_9.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_9.1`	for multiplatforms_9.1
Oracle GraalVM Enterprise Edition 21.3.8 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.3.8::enterprise_edition`	Enterprise Edition 21.3.8
IBM Security Guardium 11.3 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:11.3`	11.3
IBM Business Automation Workflow <23.0.2-IF003 IBM / Business Automation Workflow		<23.0.2-IF003
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM Rational Business Developer 9.1 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.1`	9.1
IBM InfoSphere Identity Insight 10.0.0.0 IBM / InfoSphere Identity Insight	`cpe:/a:ibm:infosphere_identity_insight:10.0.0.0`	10.0.0.0
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM Tivoli Netcool/OMNIbus 8.1.0 IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0`	8.1.0
Dell NetWorker virtual Dell / NetWorker	`cpe:/a:dell:networker:virtual`	virtual
Dell ECS <3.8.1.1 Dell / ECS		<3.8.1.1
Oracle GraalVM for JDK 21.0.1 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.0.1::for_jdk`	for JDK 21.0.1
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
Oracle Java SE 8u391 Oracle / Java SE	`cpe:/a:oracle:java_se:8u391`	8u391
Oracle GraalVM for JDK 17.0.9 Oracle / GraalVM	`cpe:/a:oracle:graalvm:17.0.9::for_jdk`	for JDK 17.0.9
Oracle GraalVM Enterprise Edition 20.3.12 Oracle / GraalVM	`cpe:/a:oracle:graalvm:20.3.12::enterprise_edition`	Enterprise Edition 20.3.12
IBM App Connect Enterprise <12.0.11.2 IBM / App Connect Enterprise		<12.0.11.2
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7 IBM / Tivoli Monitoring		for Virtual Environments Base <7.3.7
Hitachi Configuration Manager Hitachi	`cpe:/a:hitachi:configuration_manager:-`	—
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
HCL BigFix Compliance <2.0.11 HCL / BigFix		Compliance <2.0.11
IBM Tivoli Monitoring 6.3.0.7 IBM / Tivoli Monitoring	`cpe:/a:ibm:tivoli_monitoring:6.3.0.7`	6.3.0.7
IBM MQ IBM / MQ	`cpe:/a:ibm:mq:-`	—
IBM Power Hardware Management Console v10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	v10
IBM MQ <9.3.5.1 IBM / MQ		<9.3.5.1
Amazon Corretto <8.402.08.1 Amazon / Corretto		<8.402.08.1
IBM Tivoli Network Manager <4.2.0.19 IBM / Tivoli Network Manager		<4.2.0.19
IBM Tivoli Netcool/OMNIbus <8.1.0.32 IBM / Tivoli Netcool/OMNIbus		<8.1.0.32
IBM MQ <9.1.0.21 IBM / MQ		<9.1.0.21
IBM MQ <9.0.0.24 IBM / MQ		<9.0.0.24
IBM DB2 10.5 IBM / DB2	`cpe:/a:ibm:db2:10.5`	10.5
IBM Security Guardium 10.6 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:10.6`	10.6
IBM App Connect Enterprise <=11.0.0.24 IBM / App Connect Enterprise		<=11.0.0.24
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Amazon Corretto <8.442.06.1 Amazon / Corretto		<8.442.06.1
Amazon Corretto <11.0.26.4.1 Amazon / Corretto		<11.0.26.4.1
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2`	8.2.2
Broadcom Brocade SANnav Broadcom	`cpe:/a:broadcom:brocade_sannav:-`	—
IBM Business Automation Workflow <21.0.3-IF031 IBM / Business Automation Workflow		<21.0.3-IF031
Open Source CentOS Open Source	`cpe:/o:centos:centos:-`	—

CVE-2024-20932

Affected products

Known affected 89 products

Product	Identifier	Version
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1`	8.2.1
Dell NetWorker Runtime Environment <8.0.20 Dell / NetWorker		Runtime Environment <8.0.20
Hitachi Command Suite Hitachi	`cpe:/a:hitachi:command_suite:-`	—
IBM Storage Insights IBM	`cpe:/a:ibm:storage_insights:-`	—
IBM MQ <9.2.0.25 IBM / MQ		<9.2.0.25
Amazon Corretto <8.402.06.1 Amazon / Corretto		<8.402.06.1
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
IBM WebSphere Application Server 8.5 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:8.5`	8.5
IBM Rational Business Developer 9.6 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.6`	9.6
IBM WebSphere Application Server 9.0 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:9.0`	9
SolarWinds Security Event Manager <2024.2 SolarWinds / Security Event Manager		<2024.2
IBM MQ <9.3.0.17 IBM / MQ		<9.3.0.17
IBM AIX 7.3 IBM / AIX	`cpe:/o:ibm:aix:7.3`	7.3
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
Amazon Corretto 11.0.22.7.1 Amazon / Corretto	`cpe:/a:amazon:corretto:11.0.22.7.1`	11.0.22.7.1
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM Rational Business Developer 9.7 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.7`	9.7
Dell NetWorker Runtime Environment (NRE) 8.0.19 Dell / NetWorker	`cpe:/a:dell:networker:runtime_environment_8.0.19`	Runtime Environment (NRE) 8.0.19
Oracle Java SE 22.3.4 Oracle / Java SE	`cpe:/a:oracle:java_se:22.3.4`	22.3.4
Oracle Java SE 11.0.21 Oracle / Java SE	`cpe:/a:oracle:java_se:11.0.21`	11.0.21
Oracle Java SE 21.3.8 Oracle / Java SE	`cpe:/a:oracle:java_se:21.3.8`	21.3.8
IBM AIX 7.2 IBM / AIX	`cpe:/o:ibm:aix:7.2`	7.2
Oracle Java SE 17.0.9 Oracle / Java SE	`cpe:/a:oracle:java_se:17.0.9`	17.0.9
IBM VIOS 3.1 IBM / VIOS	`cpe:/a:ibm:vios:3.1`	3.1
IBM VIOS 4.1 IBM / VIOS	`cpe:/a:ibm:vios:4.1`	4.1
IBM Storage Scale 5.1.0.0-5.1.9.2 IBM / Storage Scale	`cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2`	5.1.0.0-5.1.9.2
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
IBM Java <7.1.5.21 IBM / Java		<7.1.5.21
IBM Java <8.0.8.20 IBM / Java		<8.0.8.20
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
Kyocera Printer Kyocera	`cpe:/h:kyocera:printer:-`	—
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM InfoSphere Information Server 11.7 IBM / InfoSphere Information Server	`cpe:/a:ibm:infosphere_information_server:11.7`	11.7
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
IBM Tivoli Netcool/OMNIbus IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:-`	—
IBM Tivoli Key Lifecycle Manager IBM	`cpe:/a:ibm:tivoli_key_lifecycle_manager:-`	—
IBM WebSphere Service Registry and Repository 8.5 IBM / WebSphere Service Registry and Repository	`cpe:/a:ibm:websphere_service_registry_and_repository:8.5`	8.5
IBM DB2 11.5 IBM / DB2	`cpe:/a:ibm:db2:11.5`	11.5
IBM TXSeries for multiplatforms_8.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.1`	for multiplatforms_8.1
IBM DB2 11.1 IBM / DB2	`cpe:/a:ibm:db2:11.1`	11.1
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM TXSeries for multiplatforms_8.2 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.2`	for multiplatforms_8.2
Oracle Java SE 21.0.1 Oracle / Java SE	`cpe:/a:oracle:java_se:21.0.1`	21.0.1
IBM TXSeries for multiplatforms_9.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_9.1`	for multiplatforms_9.1
Oracle GraalVM Enterprise Edition 21.3.8 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.3.8::enterprise_edition`	Enterprise Edition 21.3.8
IBM Security Guardium 11.3 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:11.3`	11.3
IBM Business Automation Workflow <23.0.2-IF003 IBM / Business Automation Workflow		<23.0.2-IF003
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM Rational Business Developer 9.1 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.1`	9.1
IBM InfoSphere Identity Insight 10.0.0.0 IBM / InfoSphere Identity Insight	`cpe:/a:ibm:infosphere_identity_insight:10.0.0.0`	10.0.0.0
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM Tivoli Netcool/OMNIbus 8.1.0 IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0`	8.1.0
Dell NetWorker virtual Dell / NetWorker	`cpe:/a:dell:networker:virtual`	virtual
Dell ECS <3.8.1.1 Dell / ECS		<3.8.1.1
Oracle GraalVM for JDK 21.0.1 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.0.1::for_jdk`	for JDK 21.0.1
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
Oracle Java SE 8u391 Oracle / Java SE	`cpe:/a:oracle:java_se:8u391`	8u391
Oracle GraalVM for JDK 17.0.9 Oracle / GraalVM	`cpe:/a:oracle:graalvm:17.0.9::for_jdk`	for JDK 17.0.9
Oracle GraalVM Enterprise Edition 20.3.12 Oracle / GraalVM	`cpe:/a:oracle:graalvm:20.3.12::enterprise_edition`	Enterprise Edition 20.3.12
IBM App Connect Enterprise <12.0.11.2 IBM / App Connect Enterprise		<12.0.11.2
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7 IBM / Tivoli Monitoring		for Virtual Environments Base <7.3.7
Hitachi Configuration Manager Hitachi	`cpe:/a:hitachi:configuration_manager:-`	—
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
HCL BigFix Compliance <2.0.11 HCL / BigFix		Compliance <2.0.11
IBM Tivoli Monitoring 6.3.0.7 IBM / Tivoli Monitoring	`cpe:/a:ibm:tivoli_monitoring:6.3.0.7`	6.3.0.7
IBM MQ IBM / MQ	`cpe:/a:ibm:mq:-`	—
IBM Power Hardware Management Console v10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	v10
IBM MQ <9.3.5.1 IBM / MQ		<9.3.5.1
Amazon Corretto <8.402.08.1 Amazon / Corretto		<8.402.08.1
IBM Tivoli Network Manager <4.2.0.19 IBM / Tivoli Network Manager		<4.2.0.19
IBM Tivoli Netcool/OMNIbus <8.1.0.32 IBM / Tivoli Netcool/OMNIbus		<8.1.0.32
IBM MQ <9.1.0.21 IBM / MQ		<9.1.0.21
IBM MQ <9.0.0.24 IBM / MQ		<9.0.0.24
IBM DB2 10.5 IBM / DB2	`cpe:/a:ibm:db2:10.5`	10.5
IBM Security Guardium 10.6 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:10.6`	10.6
IBM App Connect Enterprise <=11.0.0.24 IBM / App Connect Enterprise		<=11.0.0.24
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Amazon Corretto <8.442.06.1 Amazon / Corretto		<8.442.06.1
Amazon Corretto <11.0.26.4.1 Amazon / Corretto		<11.0.26.4.1
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2`	8.2.2
Broadcom Brocade SANnav Broadcom	`cpe:/a:broadcom:brocade_sannav:-`	—
IBM Business Automation Workflow <21.0.3-IF031 IBM / Business Automation Workflow		<21.0.3-IF031
Open Source CentOS Open Source	`cpe:/o:centos:centos:-`	—

CVE-2024-20945

Affected products

Known affected 89 products

Product	Identifier	Version
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1`	8.2.1
Dell NetWorker Runtime Environment <8.0.20 Dell / NetWorker		Runtime Environment <8.0.20
Hitachi Command Suite Hitachi	`cpe:/a:hitachi:command_suite:-`	—
IBM Storage Insights IBM	`cpe:/a:ibm:storage_insights:-`	—
IBM MQ <9.2.0.25 IBM / MQ		<9.2.0.25
Amazon Corretto <8.402.06.1 Amazon / Corretto		<8.402.06.1
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
IBM WebSphere Application Server 8.5 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:8.5`	8.5
IBM Rational Business Developer 9.6 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.6`	9.6
IBM WebSphere Application Server 9.0 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:9.0`	9
SolarWinds Security Event Manager <2024.2 SolarWinds / Security Event Manager		<2024.2
IBM MQ <9.3.0.17 IBM / MQ		<9.3.0.17
IBM AIX 7.3 IBM / AIX	`cpe:/o:ibm:aix:7.3`	7.3
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
Amazon Corretto 11.0.22.7.1 Amazon / Corretto	`cpe:/a:amazon:corretto:11.0.22.7.1`	11.0.22.7.1
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM Rational Business Developer 9.7 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.7`	9.7
Dell NetWorker Runtime Environment (NRE) 8.0.19 Dell / NetWorker	`cpe:/a:dell:networker:runtime_environment_8.0.19`	Runtime Environment (NRE) 8.0.19
Oracle Java SE 22.3.4 Oracle / Java SE	`cpe:/a:oracle:java_se:22.3.4`	22.3.4
Oracle Java SE 11.0.21 Oracle / Java SE	`cpe:/a:oracle:java_se:11.0.21`	11.0.21
Oracle Java SE 21.3.8 Oracle / Java SE	`cpe:/a:oracle:java_se:21.3.8`	21.3.8
IBM AIX 7.2 IBM / AIX	`cpe:/o:ibm:aix:7.2`	7.2
Oracle Java SE 17.0.9 Oracle / Java SE	`cpe:/a:oracle:java_se:17.0.9`	17.0.9
IBM VIOS 3.1 IBM / VIOS	`cpe:/a:ibm:vios:3.1`	3.1
IBM VIOS 4.1 IBM / VIOS	`cpe:/a:ibm:vios:4.1`	4.1
IBM Storage Scale 5.1.0.0-5.1.9.2 IBM / Storage Scale	`cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2`	5.1.0.0-5.1.9.2
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
IBM Java <7.1.5.21 IBM / Java		<7.1.5.21
IBM Java <8.0.8.20 IBM / Java		<8.0.8.20
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
Kyocera Printer Kyocera	`cpe:/h:kyocera:printer:-`	—
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM InfoSphere Information Server 11.7 IBM / InfoSphere Information Server	`cpe:/a:ibm:infosphere_information_server:11.7`	11.7
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
IBM Tivoli Netcool/OMNIbus IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:-`	—
IBM Tivoli Key Lifecycle Manager IBM	`cpe:/a:ibm:tivoli_key_lifecycle_manager:-`	—
IBM WebSphere Service Registry and Repository 8.5 IBM / WebSphere Service Registry and Repository	`cpe:/a:ibm:websphere_service_registry_and_repository:8.5`	8.5
IBM DB2 11.5 IBM / DB2	`cpe:/a:ibm:db2:11.5`	11.5
IBM TXSeries for multiplatforms_8.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.1`	for multiplatforms_8.1
IBM DB2 11.1 IBM / DB2	`cpe:/a:ibm:db2:11.1`	11.1
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM TXSeries for multiplatforms_8.2 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.2`	for multiplatforms_8.2
Oracle Java SE 21.0.1 Oracle / Java SE	`cpe:/a:oracle:java_se:21.0.1`	21.0.1
IBM TXSeries for multiplatforms_9.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_9.1`	for multiplatforms_9.1
Oracle GraalVM Enterprise Edition 21.3.8 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.3.8::enterprise_edition`	Enterprise Edition 21.3.8
IBM Security Guardium 11.3 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:11.3`	11.3
IBM Business Automation Workflow <23.0.2-IF003 IBM / Business Automation Workflow		<23.0.2-IF003
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM Rational Business Developer 9.1 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.1`	9.1
IBM InfoSphere Identity Insight 10.0.0.0 IBM / InfoSphere Identity Insight	`cpe:/a:ibm:infosphere_identity_insight:10.0.0.0`	10.0.0.0
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM Tivoli Netcool/OMNIbus 8.1.0 IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0`	8.1.0
Dell NetWorker virtual Dell / NetWorker	`cpe:/a:dell:networker:virtual`	virtual
Dell ECS <3.8.1.1 Dell / ECS		<3.8.1.1
Oracle GraalVM for JDK 21.0.1 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.0.1::for_jdk`	for JDK 21.0.1
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
Oracle Java SE 8u391 Oracle / Java SE	`cpe:/a:oracle:java_se:8u391`	8u391
Oracle GraalVM for JDK 17.0.9 Oracle / GraalVM	`cpe:/a:oracle:graalvm:17.0.9::for_jdk`	for JDK 17.0.9
Oracle GraalVM Enterprise Edition 20.3.12 Oracle / GraalVM	`cpe:/a:oracle:graalvm:20.3.12::enterprise_edition`	Enterprise Edition 20.3.12
IBM App Connect Enterprise <12.0.11.2 IBM / App Connect Enterprise		<12.0.11.2
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7 IBM / Tivoli Monitoring		for Virtual Environments Base <7.3.7
Hitachi Configuration Manager Hitachi	`cpe:/a:hitachi:configuration_manager:-`	—
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
HCL BigFix Compliance <2.0.11 HCL / BigFix		Compliance <2.0.11
IBM Tivoli Monitoring 6.3.0.7 IBM / Tivoli Monitoring	`cpe:/a:ibm:tivoli_monitoring:6.3.0.7`	6.3.0.7
IBM MQ IBM / MQ	`cpe:/a:ibm:mq:-`	—
IBM Power Hardware Management Console v10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	v10
IBM MQ <9.3.5.1 IBM / MQ		<9.3.5.1
Amazon Corretto <8.402.08.1 Amazon / Corretto		<8.402.08.1
IBM Tivoli Network Manager <4.2.0.19 IBM / Tivoli Network Manager		<4.2.0.19
IBM Tivoli Netcool/OMNIbus <8.1.0.32 IBM / Tivoli Netcool/OMNIbus		<8.1.0.32
IBM MQ <9.1.0.21 IBM / MQ		<9.1.0.21
IBM MQ <9.0.0.24 IBM / MQ		<9.0.0.24
IBM DB2 10.5 IBM / DB2	`cpe:/a:ibm:db2:10.5`	10.5
IBM Security Guardium 10.6 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:10.6`	10.6
IBM App Connect Enterprise <=11.0.0.24 IBM / App Connect Enterprise		<=11.0.0.24
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Amazon Corretto <8.442.06.1 Amazon / Corretto		<8.442.06.1
Amazon Corretto <11.0.26.4.1 Amazon / Corretto		<11.0.26.4.1
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2`	8.2.2
Broadcom Brocade SANnav Broadcom	`cpe:/a:broadcom:brocade_sannav:-`	—
IBM Business Automation Workflow <21.0.3-IF031 IBM / Business Automation Workflow		<21.0.3-IF031
Open Source CentOS Open Source	`cpe:/o:centos:centos:-`	—

CVE-2024-20952

Affected products

Known affected 89 products

Product	Identifier	Version
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1`	8.2.1
Dell NetWorker Runtime Environment <8.0.20 Dell / NetWorker		Runtime Environment <8.0.20
Hitachi Command Suite Hitachi	`cpe:/a:hitachi:command_suite:-`	—
IBM Storage Insights IBM	`cpe:/a:ibm:storage_insights:-`	—
IBM MQ <9.2.0.25 IBM / MQ		<9.2.0.25
Amazon Corretto <8.402.06.1 Amazon / Corretto		<8.402.06.1
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
IBM WebSphere Application Server 8.5 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:8.5`	8.5
IBM Rational Business Developer 9.6 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.6`	9.6
IBM WebSphere Application Server 9.0 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:9.0`	9
SolarWinds Security Event Manager <2024.2 SolarWinds / Security Event Manager		<2024.2
IBM MQ <9.3.0.17 IBM / MQ		<9.3.0.17
IBM AIX 7.3 IBM / AIX	`cpe:/o:ibm:aix:7.3`	7.3
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
Amazon Corretto 11.0.22.7.1 Amazon / Corretto	`cpe:/a:amazon:corretto:11.0.22.7.1`	11.0.22.7.1
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM Rational Business Developer 9.7 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.7`	9.7
Dell NetWorker Runtime Environment (NRE) 8.0.19 Dell / NetWorker	`cpe:/a:dell:networker:runtime_environment_8.0.19`	Runtime Environment (NRE) 8.0.19
Oracle Java SE 22.3.4 Oracle / Java SE	`cpe:/a:oracle:java_se:22.3.4`	22.3.4
Oracle Java SE 11.0.21 Oracle / Java SE	`cpe:/a:oracle:java_se:11.0.21`	11.0.21
Oracle Java SE 21.3.8 Oracle / Java SE	`cpe:/a:oracle:java_se:21.3.8`	21.3.8
IBM AIX 7.2 IBM / AIX	`cpe:/o:ibm:aix:7.2`	7.2
Oracle Java SE 17.0.9 Oracle / Java SE	`cpe:/a:oracle:java_se:17.0.9`	17.0.9
IBM VIOS 3.1 IBM / VIOS	`cpe:/a:ibm:vios:3.1`	3.1
IBM VIOS 4.1 IBM / VIOS	`cpe:/a:ibm:vios:4.1`	4.1
IBM Storage Scale 5.1.0.0-5.1.9.2 IBM / Storage Scale	`cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2`	5.1.0.0-5.1.9.2
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
IBM Java <7.1.5.21 IBM / Java		<7.1.5.21
IBM Java <8.0.8.20 IBM / Java		<8.0.8.20
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
Kyocera Printer Kyocera	`cpe:/h:kyocera:printer:-`	—
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM InfoSphere Information Server 11.7 IBM / InfoSphere Information Server	`cpe:/a:ibm:infosphere_information_server:11.7`	11.7
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
IBM Tivoli Netcool/OMNIbus IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:-`	—
IBM Tivoli Key Lifecycle Manager IBM	`cpe:/a:ibm:tivoli_key_lifecycle_manager:-`	—
IBM WebSphere Service Registry and Repository 8.5 IBM / WebSphere Service Registry and Repository	`cpe:/a:ibm:websphere_service_registry_and_repository:8.5`	8.5
IBM DB2 11.5 IBM / DB2	`cpe:/a:ibm:db2:11.5`	11.5
IBM TXSeries for multiplatforms_8.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.1`	for multiplatforms_8.1
IBM DB2 11.1 IBM / DB2	`cpe:/a:ibm:db2:11.1`	11.1
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM TXSeries for multiplatforms_8.2 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.2`	for multiplatforms_8.2
Oracle Java SE 21.0.1 Oracle / Java SE	`cpe:/a:oracle:java_se:21.0.1`	21.0.1
IBM TXSeries for multiplatforms_9.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_9.1`	for multiplatforms_9.1
Oracle GraalVM Enterprise Edition 21.3.8 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.3.8::enterprise_edition`	Enterprise Edition 21.3.8
IBM Security Guardium 11.3 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:11.3`	11.3
IBM Business Automation Workflow <23.0.2-IF003 IBM / Business Automation Workflow		<23.0.2-IF003
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM Rational Business Developer 9.1 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.1`	9.1
IBM InfoSphere Identity Insight 10.0.0.0 IBM / InfoSphere Identity Insight	`cpe:/a:ibm:infosphere_identity_insight:10.0.0.0`	10.0.0.0
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM Tivoli Netcool/OMNIbus 8.1.0 IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0`	8.1.0
Dell NetWorker virtual Dell / NetWorker	`cpe:/a:dell:networker:virtual`	virtual
Dell ECS <3.8.1.1 Dell / ECS		<3.8.1.1
Oracle GraalVM for JDK 21.0.1 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.0.1::for_jdk`	for JDK 21.0.1
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
Oracle Java SE 8u391 Oracle / Java SE	`cpe:/a:oracle:java_se:8u391`	8u391
Oracle GraalVM for JDK 17.0.9 Oracle / GraalVM	`cpe:/a:oracle:graalvm:17.0.9::for_jdk`	for JDK 17.0.9
Oracle GraalVM Enterprise Edition 20.3.12 Oracle / GraalVM	`cpe:/a:oracle:graalvm:20.3.12::enterprise_edition`	Enterprise Edition 20.3.12
IBM App Connect Enterprise <12.0.11.2 IBM / App Connect Enterprise		<12.0.11.2
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7 IBM / Tivoli Monitoring		for Virtual Environments Base <7.3.7
Hitachi Configuration Manager Hitachi	`cpe:/a:hitachi:configuration_manager:-`	—
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
HCL BigFix Compliance <2.0.11 HCL / BigFix		Compliance <2.0.11
IBM Tivoli Monitoring 6.3.0.7 IBM / Tivoli Monitoring	`cpe:/a:ibm:tivoli_monitoring:6.3.0.7`	6.3.0.7
IBM MQ IBM / MQ	`cpe:/a:ibm:mq:-`	—
IBM Power Hardware Management Console v10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	v10
IBM MQ <9.3.5.1 IBM / MQ		<9.3.5.1
Amazon Corretto <8.402.08.1 Amazon / Corretto		<8.402.08.1
IBM Tivoli Network Manager <4.2.0.19 IBM / Tivoli Network Manager		<4.2.0.19
IBM Tivoli Netcool/OMNIbus <8.1.0.32 IBM / Tivoli Netcool/OMNIbus		<8.1.0.32
IBM MQ <9.1.0.21 IBM / MQ		<9.1.0.21
IBM MQ <9.0.0.24 IBM / MQ		<9.0.0.24
IBM DB2 10.5 IBM / DB2	`cpe:/a:ibm:db2:10.5`	10.5
IBM Security Guardium 10.6 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:10.6`	10.6
IBM App Connect Enterprise <=11.0.0.24 IBM / App Connect Enterprise		<=11.0.0.24
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Amazon Corretto <8.442.06.1 Amazon / Corretto		<8.442.06.1
Amazon Corretto <11.0.26.4.1 Amazon / Corretto		<11.0.26.4.1
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2`	8.2.2
Broadcom Brocade SANnav Broadcom	`cpe:/a:broadcom:brocade_sannav:-`	—
IBM Business Automation Workflow <21.0.3-IF031 IBM / Business Automation Workflow		<21.0.3-IF031
Open Source CentOS Open Source	`cpe:/o:centos:centos:-`	—

CVE-2024-20955

Affected products

Known affected 89 products

Product	Identifier	Version
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1`	8.2.1
Dell NetWorker Runtime Environment <8.0.20 Dell / NetWorker		Runtime Environment <8.0.20
Hitachi Command Suite Hitachi	`cpe:/a:hitachi:command_suite:-`	—
IBM Storage Insights IBM	`cpe:/a:ibm:storage_insights:-`	—
IBM MQ <9.2.0.25 IBM / MQ		<9.2.0.25
Amazon Corretto <8.402.06.1 Amazon / Corretto		<8.402.06.1
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
IBM WebSphere Application Server 8.5 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:8.5`	8.5
IBM Rational Business Developer 9.6 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.6`	9.6
IBM WebSphere Application Server 9.0 IBM / WebSphere Application Server	`cpe:/a:ibm:websphere_application_server:9.0`	9
SolarWinds Security Event Manager <2024.2 SolarWinds / Security Event Manager		<2024.2
IBM MQ <9.3.0.17 IBM / MQ		<9.3.0.17
IBM AIX 7.3 IBM / AIX	`cpe:/o:ibm:aix:7.3`	7.3
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
Amazon Corretto 11.0.22.7.1 Amazon / Corretto	`cpe:/a:amazon:corretto:11.0.22.7.1`	11.0.22.7.1
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM Rational Business Developer 9.7 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.7`	9.7
Dell NetWorker Runtime Environment (NRE) 8.0.19 Dell / NetWorker	`cpe:/a:dell:networker:runtime_environment_8.0.19`	Runtime Environment (NRE) 8.0.19
Oracle Java SE 22.3.4 Oracle / Java SE	`cpe:/a:oracle:java_se:22.3.4`	22.3.4
Oracle Java SE 11.0.21 Oracle / Java SE	`cpe:/a:oracle:java_se:11.0.21`	11.0.21
Oracle Java SE 21.3.8 Oracle / Java SE	`cpe:/a:oracle:java_se:21.3.8`	21.3.8
IBM AIX 7.2 IBM / AIX	`cpe:/o:ibm:aix:7.2`	7.2
Oracle Java SE 17.0.9 Oracle / Java SE	`cpe:/a:oracle:java_se:17.0.9`	17.0.9
IBM VIOS 3.1 IBM / VIOS	`cpe:/a:ibm:vios:3.1`	3.1
IBM VIOS 4.1 IBM / VIOS	`cpe:/a:ibm:vios:4.1`	4.1
IBM Storage Scale 5.1.0.0-5.1.9.2 IBM / Storage Scale	`cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2`	5.1.0.0-5.1.9.2
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
IBM Java <7.1.5.21 IBM / Java		<7.1.5.21
IBM Java <8.0.8.20 IBM / Java		<8.0.8.20
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
Kyocera Printer Kyocera	`cpe:/h:kyocera:printer:-`	—
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
IBM InfoSphere Information Server 11.7 IBM / InfoSphere Information Server	`cpe:/a:ibm:infosphere_information_server:11.7`	11.7
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
IBM Tivoli Netcool/OMNIbus IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:-`	—
IBM Tivoli Key Lifecycle Manager IBM	`cpe:/a:ibm:tivoli_key_lifecycle_manager:-`	—
IBM WebSphere Service Registry and Repository 8.5 IBM / WebSphere Service Registry and Repository	`cpe:/a:ibm:websphere_service_registry_and_repository:8.5`	8.5
IBM DB2 11.5 IBM / DB2	`cpe:/a:ibm:db2:11.5`	11.5
IBM TXSeries for multiplatforms_8.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.1`	for multiplatforms_8.1
IBM DB2 11.1 IBM / DB2	`cpe:/a:ibm:db2:11.1`	11.1
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM TXSeries for multiplatforms_8.2 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_8.2`	for multiplatforms_8.2
Oracle Java SE 21.0.1 Oracle / Java SE	`cpe:/a:oracle:java_se:21.0.1`	21.0.1
IBM TXSeries for multiplatforms_9.1 IBM / TXSeries	`cpe:/a:ibm:txseries:for_multiplatforms_9.1`	for multiplatforms_9.1
Oracle GraalVM Enterprise Edition 21.3.8 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.3.8::enterprise_edition`	Enterprise Edition 21.3.8
IBM Security Guardium 11.3 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:11.3`	11.3
IBM Business Automation Workflow <23.0.2-IF003 IBM / Business Automation Workflow		<23.0.2-IF003
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM Rational Business Developer 9.1 IBM / Rational Business Developer	`cpe:/a:ibm:rational_business_developer:9.1`	9.1
IBM InfoSphere Identity Insight 10.0.0.0 IBM / InfoSphere Identity Insight	`cpe:/a:ibm:infosphere_identity_insight:10.0.0.0`	10.0.0.0
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM Tivoli Netcool/OMNIbus 8.1.0 IBM / Tivoli Netcool/OMNIbus	`cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0`	8.1.0
Dell NetWorker virtual Dell / NetWorker	`cpe:/a:dell:networker:virtual`	virtual
Dell ECS <3.8.1.1 Dell / ECS		<3.8.1.1
Oracle GraalVM for JDK 21.0.1 Oracle / GraalVM	`cpe:/a:oracle:graalvm:21.0.1::for_jdk`	for JDK 21.0.1
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
Oracle Java SE 8u391 Oracle / Java SE	`cpe:/a:oracle:java_se:8u391`	8u391
Oracle GraalVM for JDK 17.0.9 Oracle / GraalVM	`cpe:/a:oracle:graalvm:17.0.9::for_jdk`	for JDK 17.0.9
Oracle GraalVM Enterprise Edition 20.3.12 Oracle / GraalVM	`cpe:/a:oracle:graalvm:20.3.12::enterprise_edition`	Enterprise Edition 20.3.12
IBM App Connect Enterprise <12.0.11.2 IBM / App Connect Enterprise		<12.0.11.2
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7 IBM / Tivoli Monitoring		for Virtual Environments Base <7.3.7
Hitachi Configuration Manager Hitachi	`cpe:/a:hitachi:configuration_manager:-`	—
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
HCL BigFix Compliance <2.0.11 HCL / BigFix		Compliance <2.0.11
IBM Tivoli Monitoring 6.3.0.7 IBM / Tivoli Monitoring	`cpe:/a:ibm:tivoli_monitoring:6.3.0.7`	6.3.0.7
IBM MQ IBM / MQ	`cpe:/a:ibm:mq:-`	—
IBM Power Hardware Management Console v10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	v10
IBM MQ <9.3.5.1 IBM / MQ		<9.3.5.1
Amazon Corretto <8.402.08.1 Amazon / Corretto		<8.402.08.1
IBM Tivoli Network Manager <4.2.0.19 IBM / Tivoli Network Manager		<4.2.0.19
IBM Tivoli Netcool/OMNIbus <8.1.0.32 IBM / Tivoli Netcool/OMNIbus		<8.1.0.32
IBM MQ <9.1.0.21 IBM / MQ		<9.1.0.21
IBM MQ <9.0.0.24 IBM / MQ		<9.0.0.24
IBM DB2 10.5 IBM / DB2	`cpe:/a:ibm:db2:10.5`	10.5
IBM Security Guardium 10.6 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:10.6`	10.6
IBM App Connect Enterprise <=11.0.0.24 IBM / App Connect Enterprise		<=11.0.0.24
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Amazon Corretto <8.442.06.1 Amazon / Corretto		<8.442.06.1
Amazon Corretto <11.0.26.4.1 Amazon / Corretto		<11.0.26.4.1
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 IBM / Security Access Manager for Enterprise Single Sign-On	`cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2`	8.2.2
Broadcom Brocade SANnav Broadcom	`cpe:/a:broadcom:brocade_sannav:-`	—
IBM Business Automation Workflow <21.0.3-IF031 IBM / Business Automation Workflow		<21.0.3-IF031
Open Source CentOS Open Source	`cpe:/o:centos:centos:-`	—

References

109 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.oracle.com/security-alerts/cpujan2024…	external
https://github.com/corretto/corretto-8/blob/relea…	external
https://github.com/corretto/corretto-11/blob/rele…	external
https://access.redhat.com/errata/RHSA-2024:0233	external
https://access.redhat.com/errata/RHSA-2024:0234	external
https://access.redhat.com/errata/RHSA-2024:0230	external
https://access.redhat.com/errata/RHSA-2024:0244	external
https://access.redhat.com/errata/RHSA-2024:0250	external
https://access.redhat.com/errata/RHSA-2024:0235	external
https://access.redhat.com/errata/RHSA-2024:0237	external
https://access.redhat.com/errata/RHSA-2024:0239	external
https://access.redhat.com/errata/RHSA-2024:0240	external
https://access.redhat.com/errata/RHSA-2024:0241	external
https://access.redhat.com/errata/RHSA-2024:0242	external
https://access.redhat.com/errata/RHSA-2024:0246	external
https://access.redhat.com/errata/RHSA-2024:0247	external
https://access.redhat.com/errata/RHSA-2024:0248	external
https://access.redhat.com/errata/RHSA-2024:0249	external
https://access.redhat.com/errata/RHSA-2024:0265	external
https://access.redhat.com/errata/RHSA-2024:0267	external
https://alas.aws.amazon.com/AL2/ALASCORRETTO8-202…	external
https://access.redhat.com/errata/RHSA-2024:0224	external
https://access.redhat.com/errata/RHSA-2024:0222	external
https://access.redhat.com/errata/RHSA-2024:0223	external
https://access.redhat.com/errata/RHSA-2024:0225	external
https://access.redhat.com/errata/RHSA-2024:0226	external
https://access.redhat.com/errata/RHSA-2024:0228	external
https://access.redhat.com/errata/RHSA-2024:0231	external
https://access.redhat.com/errata/RHSA-2024:0232	external
https://linux.oracle.com/errata/ELSA-2024-0232.html	external
https://linux.oracle.com/errata/ELSA-2024-0223.html	external
https://alas.aws.amazon.com/AL2/ALAS-2024-2415.html	external
https://access.redhat.com/errata/RHSA-2024:0266	external
https://alas.aws.amazon.com/AL2/ALAS-2024-2414.html	external
https://github.com/corretto/corretto-8/blob/relea…	external
https://linux.oracle.com/errata/ELSA-2024-0249.html	external
https://linux.oracle.com/errata/ELSA-2024-0248.html	external
https://linux.oracle.com/errata/ELSA-2024-0267.html	external
https://lists.debian.org/debian-security-announce…	external
https://linux.oracle.com/errata/ELSA-2024-0266.html	external
https://alas.aws.amazon.com/AL2/ALASCORRETTO8-202…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
http://linux.oracle.com/errata/ELSA-2024-0265.html	external
https://lists.centos.org/pipermail/centos-announc…	external
https://lists.centos.org/pipermail/centos-announc…	external
https://lists.debian.org/debian-lts-announce/2024…	external
https://lists.debian.org/debian-security-announce…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://www.hitachi.com/products/it/software/secu…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://alas.aws.amazon.com/AL2/ALAS-2024-2438.html	external
https://alas.aws.amazon.com/AL2/ALASJAVA-OPENJDK1…	external
https://www.ibm.com/support/pages/node/7116432	external
https://www.ibm.com/support/pages/node/7117872	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://ubuntu.com/security/notices/USN-6661-1	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://www.ibm.com/support/pages/node/7123938	external
https://ubuntu.com/security/notices/USN-6662-1	external
https://ubuntu.com/security/notices/USN-6660-1	external
https://www.ibm.com/support/pages/node/7124105	external
https://www.ibm.com/support/pages/node/7129821	external
https://www.ibm.com/support/pages/node/7130904	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://www.ibm.com/support/pages/node/7130999	external
https://www.ibm.com/support/pages/node/7134446	external
https://www.ibm.com/support/pages/node/7131057	external
https://www.dell.com/support/kbdoc/000222962/dsa-2023-=	external
https://www.ibm.com/support/pages/node/7131804	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://www.ibm.com/support/pages/node/7140420	external
https://www.dell.com/support/kbdoc/de-de/00022296…	external
https://ubuntu.com/security/notices/USN-6696-1	external
https://linux.oracle.com/errata/ELSA-2024-12225.html	external
https://www.ibm.com/support/pages/node/7144952	external
https://www.ibm.com/support/pages/node/7145213	external
https://www.ibm.com/support/pages/node/7145183	external
https://www.ibm.com/support/pages/node/7145161	external
https://www.ibm.com/support/pages/node/7145672	external
https://www.ibm.com/support/pages/node/7146478	external
https://www.ibm.com/support/pages/node/7148365	external
https://documentation.solarwinds.com/en/success_c…	external
https://www.ibm.com/support/pages/node/7149586	external
https://www.ibm.com/support/pages/node/7149581	external
https://www.ibm.com/support/pages/node/7149707	external
https://www.ibm.com/support/pages/node/7149801	external
https://www.ibm.com/support/pages/node/7149991	external
https://www.ibm.com/support/pages/node/7150063	external
https://www.dell.com/support/kbdoc/000224827/dsa-2024-=	external
https://www.ibm.com/support/pages/node/7150594	external
https://www.ibm.com/support/pages/node/7150660	external
https://www.ibm.com/support/pages/node/7152890	external
https://support.broadcom.com/web/ecx/support-cont…	external
https://www.ibm.com/support/pages/node/7156536	external
https://www.ibm.com/support/pages/node/7158490	external
https://support.hcltechsw.com/csm?id=kb_article&s…	external
https://support.hcltechsw.com/csm?id=kb_article&s…	external
https://www.dell.com/support/kbdoc/de-de/00022705…	external
https://ubuntu.com/security/notices/USN-7096-1	external
https://security.gentoo.org/glsa/202412-07	external
https://www.ibm.com/support/pages/node/7180128	external
https://github.com/corretto/corretto-8/blob/14eb6…	external
https://github.com/corretto/corretto-11/blob/ece6…	external
https://ubuntu.com/security/notices/USN-7096-2	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.opensuse.org/archives/list/security…	external
https://www.kyoceradocumentsolutions.us/en/suppor…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Die Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE).",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in Oracle Java SE ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- MacOS X\n- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0121 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0121.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0121 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0121"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - January 2024 - Appendix Oracle Java SE vom 2024-01-16",
        "url": "https://www.oracle.com/security-alerts/cpujan2024.html#AppendixJAVA"
      },
      {
        "category": "external",
        "summary": "Change Log for Amazon Corretto 8",
        "url": "https://github.com/corretto/corretto-8/blob/release-8.402.06.1/CHANGELOG.md"
      },
      {
        "category": "external",
        "summary": "Change Log for Amazon Corretto 11",
        "url": "https://github.com/corretto/corretto-11/blob/release-11.0.22.7.1/CHANGELOG.md"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0233 vom 2024-01-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:0233"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0234 vom 2024-01-17",
        "url": "https://access.redhat.com/errata/RHSA-2024:0234"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0230 vom 2024-01-17",
        "url": "https://access.redhat.com/errata/RHSA-2024:0230"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0244 vom 2024-01-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:0244"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0250 vom 2024-01-17",
        "url": "https://access.redhat.com/errata/RHSA-2024:0250"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0235 vom 2024-01-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:0235"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0237 vom 2024-01-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:0237"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0239 vom 2024-01-17",
        "url": "https://access.redhat.com/errata/RHSA-2024:0239"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0240 vom 2024-01-17",
        "url": "https://access.redhat.com/errata/RHSA-2024:0240"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0241 vom 2024-01-17",
        "url": "https://access.redhat.com/errata/RHSA-2024:0241"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0242 vom 2024-01-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:0242"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0246 vom 2024-01-17",
        "url": "https://access.redhat.com/errata/RHSA-2024:0246"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0247 vom 2024-01-17",
        "url": "https://access.redhat.com/errata/RHSA-2024:0247"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0248 vom 2024-01-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:0248"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0249 vom 2024-01-17",
        "url": "https://access.redhat.com/errata/RHSA-2024:0249"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0265 vom 2024-01-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:0265"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0267 vom 2024-01-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:0267"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASCORRETTO8-2024-009 vom 2024-01-18",
        "url": "https://alas.aws.amazon.com/AL2/ALASCORRETTO8-2024-009.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0224 vom 2024-01-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:0224"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0222 vom 2024-01-17",
        "url": "https://access.redhat.com/errata/RHSA-2024:0222"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0223 vom 2024-01-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:0223"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0225 vom 2024-01-17",
        "url": "https://access.redhat.com/errata/RHSA-2024:0225"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0226 vom 2024-01-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:0226"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0228 vom 2024-01-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:0228"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0231 vom 2024-01-17",
        "url": "https://access.redhat.com/errata/RHSA-2024:0231"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0232 vom 2024-01-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:0232"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-0232 vom 2024-01-18",
        "url": "https://linux.oracle.com/errata/ELSA-2024-0232.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-0223 vom 2024-01-18",
        "url": "https://linux.oracle.com/errata/ELSA-2024-0223.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2024-2415 vom 2024-01-19",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2415.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0266 vom 2024-01-19",
        "url": "https://access.redhat.com/errata/RHSA-2024:0266"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2024-2414 vom 2024-01-19",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2414.html"
      },
      {
        "category": "external",
        "summary": "Change Log for Amazon Corretto 8 vom 2024-01-19",
        "url": "https://github.com/corretto/corretto-8/blob/release-8.402.08.1/CHANGELOG.md"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-0249 vom 2024-01-20",
        "url": "https://linux.oracle.com/errata/ELSA-2024-0249.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-0248 vom 2024-01-20",
        "url": "https://linux.oracle.com/errata/ELSA-2024-0248.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-0267 vom 2024-01-23",
        "url": "https://linux.oracle.com/errata/ELSA-2024-0267.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5604 vom 2024-01-23",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00011.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-0266 vom 2024-01-23",
        "url": "https://linux.oracle.com/errata/ELSA-2024-0266.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASCORRETTO8-2024-010 vom 2024-01-24",
        "url": "https://alas.aws.amazon.com/AL2/ALASCORRETTO8-2024-010.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0203-1 vom 2024-01-24",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017755.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-0265 vom 2024-01-25",
        "url": "http://linux.oracle.com/errata/ELSA-2024-0265.html"
      },
      {
        "category": "external",
        "summary": "CentOS Security Advisory CESA-2024:0223 vom 2024-01-26",
        "url": "https://lists.centos.org/pipermail/centos-announce/2024-January/099218.html"
      },
      {
        "category": "external",
        "summary": "CentOS Security Advisory CESA-2024:0232 vom 2024-01-26",
        "url": "https://lists.centos.org/pipermail/centos-announce/2024-January/099219.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3728 vom 2024-01-31",
        "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5613 vom 2024-02-02",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00020.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0321-1 vom 2024-02-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017851.html"
      },
      {
        "category": "external",
        "summary": "Hitachi Vulnerability Information HITACHI-SEC-2024-110 vom 2024-02-06",
        "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-110/index.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0325-1 vom 2024-02-05",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017858.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2024-2438 vom 2024-02-06",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2438.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASJAVA-OPENJDK11-2024-007 vom 2024-02-06",
        "url": "https://alas.aws.amazon.com/AL2/ALASJAVA-OPENJDK11-2024-007.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7116432 vom 2024-02-09",
        "url": "https://www.ibm.com/support/pages/node/7116432"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7117872 vom 2024-02-15",
        "url": "https://www.ibm.com/support/pages/node/7117872"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0479-1 vom 2024-02-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017941.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6661-1 vom 2024-02-27",
        "url": "https://ubuntu.com/security/notices/USN-6661-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0619-1 vom 2024-02-26",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/018007.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7123938 vom 2024-02-26",
        "url": "https://www.ibm.com/support/pages/node/7123938"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6662-1 vom 2024-02-27",
        "url": "https://ubuntu.com/security/notices/USN-6662-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6660-1 vom 2024-02-27",
        "url": "https://ubuntu.com/security/notices/USN-6660-1"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7124105 vom 2024-02-27",
        "url": "https://www.ibm.com/support/pages/node/7124105"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7129821 vom 2024-03-04",
        "url": "https://www.ibm.com/support/pages/node/7129821"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7130904 vom 2024-03-08",
        "url": "https://www.ibm.com/support/pages/node/7130904"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0804-1 vom 2024-03-07",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018109.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7130999 vom 2024-03-08",
        "url": "https://www.ibm.com/support/pages/node/7130999"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7134446 vom 2024-03-11",
        "url": "https://www.ibm.com/support/pages/node/7134446"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7131057 vom 2024-03-08",
        "url": "https://www.ibm.com/support/pages/node/7131057"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2024-126 vom 2024-03-12",
        "url": "https://www.dell.com/support/kbdoc/000222962/dsa-2023-="
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7131804 vom 2024-03-11",
        "url": "https://www.ibm.com/support/pages/node/7131804"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0847-1 vom 2024-03-12",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018149.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7140420 vom 2024-03-13",
        "url": "https://www.ibm.com/support/pages/node/7140420"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2023-126 vom 2024-03-13",
        "url": "https://www.dell.com/support/kbdoc/de-de/000222962/dsa-2023-126-security-update-for-dell-networker-runtime-environment-nre-oracle-java-se-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6696-1 vom 2024-03-18",
        "url": "https://ubuntu.com/security/notices/USN-6696-1"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12225 vom 2024-03-19",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12225.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7144952 vom 2024-03-21",
        "url": "https://www.ibm.com/support/pages/node/7144952"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin",
        "url": "https://www.ibm.com/support/pages/node/7145213"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7145183 vom 2024-03-25",
        "url": "https://www.ibm.com/support/pages/node/7145183"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin",
        "url": "https://www.ibm.com/support/pages/node/7145161"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7145672 vom 2024-04-02",
        "url": "https://www.ibm.com/support/pages/node/7145672"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7146478 vom 2024-04-04",
        "url": "https://www.ibm.com/support/pages/node/7146478"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7148365 vom 2024-04-16",
        "url": "https://www.ibm.com/support/pages/node/7148365"
      },
      {
        "category": "external",
        "summary": "SEM 2024.2 release notes vom 2024-04-17",
        "url": "https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2024-2_release_notes.htm"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7149586 vom 2024-04-26",
        "url": "https://www.ibm.com/support/pages/node/7149586"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7149581 vom 2024-04-26",
        "url": "https://www.ibm.com/support/pages/node/7149581"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7149707 vom 2024-04-29",
        "url": "https://www.ibm.com/support/pages/node/7149707"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7149801 vom 2024-04-30",
        "url": "https://www.ibm.com/support/pages/node/7149801"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7149991 vom 2024-05-01",
        "url": "https://www.ibm.com/support/pages/node/7149991"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7150063 vom 2024-05-02",
        "url": "https://www.ibm.com/support/pages/node/7150063"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2024-198 vom 2024-05-08",
        "url": "https://www.dell.com/support/kbdoc/000224827/dsa-2024-="
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7150594 vom 2024-05-09",
        "url": "https://www.ibm.com/support/pages/node/7150594"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7150660 vom 2024-05-09",
        "url": "https://www.ibm.com/support/pages/node/7150660"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7152890 vom 2024-05-16",
        "url": "https://www.ibm.com/support/pages/node/7152890"
      },
      {
        "category": "external",
        "summary": "Brocade Security Advisory BSA-2024-2487 vom 2024-05-24",
        "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24356"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7156536 vom 2024-06-19",
        "url": "https://www.ibm.com/support/pages/node/7156536"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7158490 vom 2024-06-23",
        "url": "https://www.ibm.com/support/pages/node/7158490"
      },
      {
        "category": "external",
        "summary": "HCL Security Bulletin vom 2024-07-15",
        "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0114705"
      },
      {
        "category": "external",
        "summary": "HCL Security Bulletin vom 2024-07-16",
        "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0113893"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2024-239 vom 2024-07-18",
        "url": "https://www.dell.com/support/kbdoc/de-de/000227051/dsa-2024-239-security-update-dell-ecs-3-8-1-1-for-multiple-security-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7096-1 vom 2024-11-11",
        "url": "https://ubuntu.com/security/notices/USN-7096-1"
      },
      {
        "category": "external",
        "summary": "Gentoo Linux Security Advisory GLSA-202412-07 vom 2024-12-07",
        "url": "https://security.gentoo.org/glsa/202412-07"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7180128 vom 2025-01-02",
        "url": "https://www.ibm.com/support/pages/node/7180128"
      },
      {
        "category": "external",
        "summary": "Change Log for Amazon Corretto 8 vom 2025-01-21",
        "url": "https://github.com/corretto/corretto-8/blob/14eb6b297ac476ca5734706b40903e5a69ecd74a/CHANGELOG.md"
      },
      {
        "category": "external",
        "summary": "Change Log for Amazon Corretto 11 vom 2025-01-21",
        "url": "https://github.com/corretto/corretto-11/blob/ece67a968d57210c69d3b9153576613846c1cacf/CHANGELOG.md"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7096-2 vom 2025-02-05",
        "url": "https://ubuntu.com/security/notices/USN-7096-2"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:0066-1 vom 2025-02-18",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/GS63GCBRVH7N4JEIZNQAPVFNNVB2OGSU/"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:0067-1 vom 2025-02-20",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/XA5CCGSPUXUTQHDG25O5DM4G37BLRUMN/"
      },
      {
        "category": "external",
        "summary": "Kyocera Downloads",
        "url": "https://www.kyoceradocumentsolutions.us/en/support/downloads.name-L3VzL2VuL3NvZnR3YXJlL0tZT0NFUkFERVZJQ0VNQU5BR0VS.html#tab=application"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Java SE: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-04-29T22:00:00.000+00:00",
      "generator": {
        "date": "2025-04-30T11:20:24.153+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2024-0121",
      "initial_release_date": "2024-01-16T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-01-16T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-01-17T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat und Amazon aufgenommen"
        },
        {
          "date": "2024-01-18T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Amazon und Red Hat aufgenommen"
        },
        {
          "date": "2024-01-21T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-01-22T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-01-23T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Debian und Oracle Linux aufgenommen"
        },
        {
          "date": "2024-01-24T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Amazon, SUSE und Oracle Linux aufgenommen"
        },
        {
          "date": "2024-01-28T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von CentOS aufgenommen"
        },
        {
          "date": "2024-01-31T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-02-01T23:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-02-04T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-02-05T23:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von HITACHI, SUSE und Amazon aufgenommen"
        },
        {
          "date": "2024-02-11T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-02-14T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-02-15T23:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-02-26T23:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Ubuntu, SUSE und IBM aufgenommen"
        },
        {
          "date": "2024-02-27T23:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-03-04T23:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-03-07T23:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von IBM und SUSE aufgenommen"
        },
        {
          "date": "2024-03-10T23:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-03-11T23:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Dell und IBM aufgenommen"
        },
        {
          "date": "2024-03-12T23:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-03-13T23:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2024-03-14T23:00:00.000+00:00",
          "number": "24",
          "summary": "CPE Dell korrigiert"
        },
        {
          "date": "2024-03-17T23:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-03-19T23:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-03-21T23:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-03-25T23:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-04-01T22:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-04-04T22:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-04-16T22:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-04-28T22:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-04-29T22:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-05-01T22:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-05-02T22:00:00.000+00:00",
          "number": "35",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-05-07T22:00:00.000+00:00",
          "number": "36",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2024-05-09T22:00:00.000+00:00",
          "number": "37",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-05-16T22:00:00.000+00:00",
          "number": "38",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-05-23T22:00:00.000+00:00",
          "number": "39",
          "summary": "Neue Updates von BROCADE aufgenommen"
        },
        {
          "date": "2024-06-19T22:00:00.000+00:00",
          "number": "40",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-06-23T22:00:00.000+00:00",
          "number": "41",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-07-15T22:00:00.000+00:00",
          "number": "42",
          "summary": "Neue Updates von HCL aufgenommen"
        },
        {
          "date": "2024-07-18T22:00:00.000+00:00",
          "number": "43",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2024-11-10T23:00:00.000+00:00",
          "number": "44",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-12-08T23:00:00.000+00:00",
          "number": "45",
          "summary": "Neue Updates von Gentoo aufgenommen"
        },
        {
          "date": "2025-01-02T23:00:00.000+00:00",
          "number": "46",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-01-21T23:00:00.000+00:00",
          "number": "47",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2025-02-04T23:00:00.000+00:00",
          "number": "48",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-02-18T23:00:00.000+00:00",
          "number": "49",
          "summary": "Neue Updates von openSUSE aufgenommen"
        },
        {
          "date": "2025-02-19T23:00:00.000+00:00",
          "number": "50",
          "summary": "Neue Updates von openSUSE aufgenommen"
        },
        {
          "date": "2025-04-29T22:00:00.000+00:00",
          "number": "51",
          "summary": "Neue Updates aufgenommen"
        }
      ],
      "status": "final",
      "version": "51"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "11.0.22.7.1",
                "product": {
                  "name": "Amazon Corretto 11.0.22.7.1",
                  "product_id": "T032180",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:amazon:corretto:11.0.22.7.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.402.06.1",
                "product": {
                  "name": "Amazon Corretto \u003c8.402.06.1",
                  "product_id": "T032183"
                }
              },
              {
                "category": "product_version",
                "name": "8.402.06.1",
                "product": {
                  "name": "Amazon Corretto 8.402.06.1",
                  "product_id": "T032183-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:amazon:corretto:8.402.06.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.402.08.1",
                "product": {
                  "name": "Amazon Corretto \u003c8.402.08.1",
                  "product_id": "T032256"
                }
              },
              {
                "category": "product_version",
                "name": "8.402.08.1",
                "product": {
                  "name": "Amazon Corretto 8.402.08.1",
                  "product_id": "T032256-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:amazon:corretto:8.402.08.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.0.26.4.1",
                "product": {
                  "name": "Amazon Corretto \u003c11.0.26.4.1",
                  "product_id": "T040500"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.26.4.1",
                "product": {
                  "name": "Amazon Corretto 11.0.26.4.1",
                  "product_id": "T040500-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:amazon:corretto:11.0.26.4.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.442.06.1",
                "product": {
                  "name": "Amazon Corretto \u003c8.442.06.1",
                  "product_id": "T040501"
                }
              },
              {
                "category": "product_version",
                "name": "8.442.06.1",
                "product": {
                  "name": "Amazon Corretto 8.442.06.1",
                  "product_id": "T040501-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:amazon:corretto:8.442.06.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Corretto"
          },
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Broadcom Brocade SANnav",
            "product": {
              "name": "Broadcom Brocade SANnav",
              "product_id": "T022212",
              "product_identification_helper": {
                "cpe": "cpe:/a:broadcom:brocade_sannav:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Broadcom"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c3.8.1.1",
                "product": {
                  "name": "Dell ECS \u003c3.8.1.1",
                  "product_id": "T036366"
                }
              },
              {
                "category": "product_version",
                "name": "3.8.1.1",
                "product": {
                  "name": "Dell ECS 3.8.1.1",
                  "product_id": "T036366-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:dell:ecs:3.8.1.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "ECS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Runtime Environment \u003c8.0.20",
                "product": {
                  "name": "Dell NetWorker Runtime Environment \u003c8.0.20",
                  "product_id": "T033356"
                }
              },
              {
                "category": "product_version",
                "name": "Runtime Environment 8.0.20",
                "product": {
                  "name": "Dell NetWorker Runtime Environment 8.0.20",
                  "product_id": "T033356-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:networker:runtime_environment__8.0.20"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Runtime Environment (NRE) 8.0.19",
                "product": {
                  "name": "Dell NetWorker Runtime Environment (NRE) 8.0.19",
                  "product_id": "T033508",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:networker:runtime_environment_8.0.19"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "virtual",
                "product": {
                  "name": "Dell NetWorker virtual",
                  "product_id": "T034583",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:networker:virtual"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "NetWorker"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "EMC Avamar",
            "product": {
              "name": "EMC Avamar",
              "product_id": "T014381",
              "product_identification_helper": {
                "cpe": "cpe:/a:emc:avamar:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "EMC"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Gentoo Linux",
            "product": {
              "name": "Gentoo Linux",
              "product_id": "T012167",
              "product_identification_helper": {
                "cpe": "cpe:/o:gentoo:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Gentoo"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Compliance \u003c2.0.11",
                "product": {
                  "name": "HCL BigFix Compliance \u003c2.0.11",
                  "product_id": "T035828"
                }
              },
              {
                "category": "product_version",
                "name": "Compliance 2.0.11",
                "product": {
                  "name": "HCL BigFix Compliance 2.0.11",
                  "product_id": "T035828-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hcltech:bigfix:compliance__2.0.11"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "BigFix"
          }
        ],
        "category": "vendor",
        "name": "HCL"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Hitachi Command Suite",
            "product": {
              "name": "Hitachi Command Suite",
              "product_id": "T010951",
              "product_identification_helper": {
                "cpe": "cpe:/a:hitachi:command_suite:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Hitachi Configuration Manager",
            "product": {
              "name": "Hitachi Configuration Manager",
              "product_id": "T020304",
              "product_identification_helper": {
                "cpe": "cpe:/a:hitachi:configuration_manager:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Hitachi Ops Center",
            "product": {
              "name": "Hitachi Ops Center",
              "product_id": "T017562",
              "product_identification_helper": {
                "cpe": "cpe:/a:hitachi:ops_center:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Hitachi"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "7.3",
                "product": {
                  "name": "IBM AIX 7.3",
                  "product_id": "1139691",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:ibm:aix:7.3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.2",
                "product": {
                  "name": "IBM AIX 7.2",
                  "product_id": "434967",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:ibm:aix:7.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "AIX"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=11.0.0.24",
                "product": {
                  "name": "IBM App Connect Enterprise \u003c=11.0.0.24",
                  "product_id": "T032252"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=11.0.0.24",
                "product": {
                  "name": "IBM App Connect Enterprise \u003c=11.0.0.24",
                  "product_id": "T032252-fixed"
                }
              },
              {
                "category": "product_name",
                "name": "IBM App Connect Enterprise",
                "product": {
                  "name": "IBM App Connect Enterprise",
                  "product_id": "T032495",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:app_connect_enterprise:-"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c12.0.11.2",
                "product": {
                  "name": "IBM App Connect Enterprise \u003c12.0.11.2",
                  "product_id": "T033331"
                }
              },
              {
                "category": "product_version",
                "name": "12.0.11.2",
                "product": {
                  "name": "IBM App Connect Enterprise 12.0.11.2",
                  "product_id": "T033331-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:app_connect_enterprise:12.0.11.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "App Connect Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c23.0.2-IF003",
                "product": {
                  "name": "IBM Business Automation Workflow \u003c23.0.2-IF003",
                  "product_id": "T033813"
                }
              },
              {
                "category": "product_version",
                "name": "23.0.2-IF003",
                "product": {
                  "name": "IBM Business Automation Workflow 23.0.2-IF003",
                  "product_id": "T033813-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:business_automation_workflow:23.0.2:if003"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c21.0.3-IF031",
                "product": {
                  "name": "IBM Business Automation Workflow \u003c21.0.3-IF031",
                  "product_id": "T033816"
                }
              },
              {
                "category": "product_version",
                "name": "21.0.3-IF031",
                "product": {
                  "name": "IBM Business Automation Workflow 21.0.3-IF031",
                  "product_id": "T033816-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:business_automation_workflow:21.0.3:if031"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Business Automation Workflow"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "11.5",
                "product": {
                  "name": "IBM DB2 11.5",
                  "product_id": "T033138",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:db2:11.5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "11.1",
                "product": {
                  "name": "IBM DB2 11.1",
                  "product_id": "T033139",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:db2:11.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "10.5",
                "product": {
                  "name": "IBM DB2 10.5",
                  "product_id": "T033140",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:db2:10.5"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "DB2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c10.5.4",
                "product": {
                  "name": "IBM DataPower Gateway \u003c10.5.4",
                  "product_id": "T033810"
                }
              },
              {
                "category": "product_version",
                "name": "10.5.4",
                "product": {
                  "name": "IBM DataPower Gateway 10.5.4",
                  "product_id": "T033810-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:datapower_gateway:10.5.4"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.5.0.10",
                "product": {
                  "name": "IBM DataPower Gateway \u003c10.5.0.10",
                  "product_id": "T033811"
                }
              },
              {
                "category": "product_version",
                "name": "10.5.0.10",
                "product": {
                  "name": "IBM DataPower Gateway 10.5.0.10",
                  "product_id": "T033811-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:datapower_gateway:10.5.0.10"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.0.1.18",
                "product": {
                  "name": "IBM DataPower Gateway \u003c10.0.1.18",
                  "product_id": "T033812"
                }
              },
              {
                "category": "product_version",
                "name": "10.0.1.18",
                "product": {
                  "name": "IBM DataPower Gateway 10.0.1.18",
                  "product_id": "T033812-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:datapower_gateway:10.0.1.18"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "DataPower Gateway"
          },
          {
            "category": "product_name",
            "name": "IBM FlashSystem",
            "product": {
              "name": "IBM FlashSystem",
              "product_id": "T025159",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:flashsystem:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "10.0.0.0",
                "product": {
                  "name": "IBM InfoSphere Identity Insight 10.0.0.0",
                  "product_id": "T033658",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:infosphere_identity_insight:10.0.0.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "InfoSphere Identity Insight"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "11.7",
                "product": {
                  "name": "IBM InfoSphere Information Server 11.7",
                  "product_id": "444803",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:infosphere_information_server:11.7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "InfoSphere Information Server"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=10.1.0.3",
                "product": {
                  "name": "IBM Integration Bus \u003c=10.1.0.3",
                  "product_id": "T033332"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=10.1.0.3",
                "product": {
                  "name": "IBM Integration Bus \u003c=10.1.0.3",
                  "product_id": "T033332-fixed"
                }
              }
            ],
            "category": "product_name",
            "name": "Integration Bus"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c7.1.5.21",
                "product": {
                  "name": "IBM Java \u003c7.1.5.21",
                  "product_id": "T032672"
                }
              },
              {
                "category": "product_version",
                "name": "7.1.5.21",
                "product": {
                  "name": "IBM Java 7.1.5.21",
                  "product_id": "T032672-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:jre:7.1.5.21"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.0.8.20",
                "product": {
                  "name": "IBM Java \u003c8.0.8.20",
                  "product_id": "T032673"
                }
              },
              {
                "category": "product_version",
                "name": "8.0.8.20",
                "product": {
                  "name": "IBM Java 8.0.8.20",
                  "product_id": "T032673-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:jre:8.0.8.20"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Java"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "IBM MQ",
                "product": {
                  "name": "IBM MQ",
                  "product_id": "T021398",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:mq:-"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.3.5.1",
                "product": {
                  "name": "IBM MQ \u003c9.3.5.1",
                  "product_id": "T034437"
                }
              },
              {
                "category": "product_version",
                "name": "9.3.5.1",
                "product": {
                  "name": "IBM MQ 9.3.5.1",
                  "product_id": "T034437-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:mq:9.3.5.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.0.0.24",
                "product": {
                  "name": "IBM MQ \u003c9.0.0.24",
                  "product_id": "T034438"
                }
              },
              {
                "category": "product_version",
                "name": "9.0.0.24",
                "product": {
                  "name": "IBM MQ 9.0.0.24",
                  "product_id": "T034438-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:mq:9.0.0.24"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.1.0.21",
                "product": {
                  "name": "IBM MQ \u003c9.1.0.21",
                  "product_id": "T034439"
                }
              },
              {
                "category": "product_version",
                "name": "9.1.0.21",
                "product": {
                  "name": "IBM MQ 9.1.0.21",
                  "product_id": "T034439-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:mq:9.1.0.21"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.2.0.25",
                "product": {
                  "name": "IBM MQ \u003c9.2.0.25",
                  "product_id": "T034440"
                }
              },
              {
                "category": "product_version",
                "name": "9.2.0.25",
                "product": {
                  "name": "IBM MQ 9.2.0.25",
                  "product_id": "T034440-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:mq:9.2.0.25"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.3.0.17",
                "product": {
                  "name": "IBM MQ \u003c9.3.0.17",
                  "product_id": "T034441"
                }
              },
              {
                "category": "product_version",
                "name": "9.3.0.17",
                "product": {
                  "name": "IBM MQ 9.3.0.17",
                  "product_id": "T034441-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:mq:9.3.0.17"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "MQ"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "v10",
                "product": {
                  "name": "IBM Power Hardware Management Console v10",
                  "product_id": "T023373",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:hardware_management_console:v10"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Power Hardware Management Console"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "7.5",
                "product": {
                  "name": "IBM QRadar SIEM 7.5",
                  "product_id": "T022954",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:7.5"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "QRadar SIEM"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "9.1",
                "product": {
                  "name": "IBM Rational Business Developer 9.1",
                  "product_id": "T006712",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:rational_business_developer:9.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.6",
                "product": {
                  "name": "IBM Rational Business Developer 9.6",
                  "product_id": "T023629",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:rational_business_developer:9.6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.7",
                "product": {
                  "name": "IBM Rational Business Developer 9.7",
                  "product_id": "T023630",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:rational_business_developer:9.7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Rational Business Developer"
          },
          {
            "category": "product_name",
            "name": "IBM SAN Volume Controller",
            "product": {
              "name": "IBM SAN Volume Controller",
              "product_id": "T020642",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:san_volume_controller:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "8.2.1",
                "product": {
                  "name": "IBM Security Access Manager for Enterprise Single Sign-On 8.2.1",
                  "product_id": "T005246",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.2.2",
                "product": {
                  "name": "IBM Security Access Manager for Enterprise Single Sign-On 8.2.2",
                  "product_id": "T007073",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Security Access Manager for Enterprise Single Sign-On"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "11.3",
                "product": {
                  "name": "IBM Security Guardium 11.3",
                  "product_id": "1048943",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:security_guardium:11.3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "10.6",
                "product": {
                  "name": "IBM Security Guardium 10.6",
                  "product_id": "410913",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:security_guardium:10.6"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Security Guardium"
          },
          {
            "category": "product_name",
            "name": "IBM Storage Insights",
            "product": {
              "name": "IBM Storage Insights",
              "product_id": "T035615",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:storage_insights:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "5.1.0.0-5.1.9.2",
                "product": {
                  "name": "IBM Storage Scale 5.1.0.0-5.1.9.2",
                  "product_id": "T034450",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Storage Scale"
          },
          {
            "category": "product_name",
            "name": "IBM Storwize",
            "product": {
              "name": "IBM Storwize",
              "product_id": "T021621",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:storwize:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "for multiplatforms_9.1",
                "product": {
                  "name": "IBM TXSeries for multiplatforms_9.1",
                  "product_id": "T015903",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:txseries:for_multiplatforms_9.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "for multiplatforms_8.2",
                "product": {
                  "name": "IBM TXSeries for multiplatforms_8.2",
                  "product_id": "T015904",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:txseries:for_multiplatforms_8.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "for multiplatforms_8.1",
                "product": {
                  "name": "IBM TXSeries for multiplatforms_8.1",
                  "product_id": "T015905",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:txseries:for_multiplatforms_8.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "TXSeries"
          },
          {
            "category": "product_name",
            "name": "IBM Tivoli Key Lifecycle Manager",
            "product": {
              "name": "IBM Tivoli Key Lifecycle Manager",
              "product_id": "T026238",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:tivoli_key_lifecycle_manager:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "6.3.0.7",
                "product": {
                  "name": "IBM Tivoli Monitoring 6.3.0.7",
                  "product_id": "342008",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:tivoli_monitoring:6.3.0.7"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "for Virtual Environments Base \u003c7.3.7",
                "product": {
                  "name": "IBM Tivoli Monitoring for Virtual Environments Base \u003c7.3.7",
                  "product_id": "T039990"
                }
              },
              {
                "category": "product_version",
                "name": "for Virtual Environments Base 7.3.7",
                "product": {
                  "name": "IBM Tivoli Monitoring for Virtual Environments Base 7.3.7",
                  "product_id": "T039990-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:tivoli_monitoring:7.3.7::for_virtual_environments_base"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Tivoli Monitoring"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "8.1.0",
                "product": {
                  "name": "IBM Tivoli Netcool/OMNIbus 8.1.0",
                  "product_id": "700367",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "IBM Tivoli Netcool/OMNIbus",
                "product": {
                  "name": "IBM Tivoli Netcool/OMNIbus",
                  "product_id": "T004181",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:-"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.1.0.32",
                "product": {
                  "name": "IBM Tivoli Netcool/OMNIbus \u003c8.1.0.32",
                  "product_id": "T034518"
                }
              },
              {
                "category": "product_version",
                "name": "8.1.0.32",
                "product": {
                  "name": "IBM Tivoli Netcool/OMNIbus 8.1.0.32",
                  "product_id": "T034518-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0.32"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Tivoli Netcool/OMNIbus"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c4.2.0.19",
                "product": {
                  "name": "IBM Tivoli Network Manager \u003c4.2.0.19",
                  "product_id": "T033620"
                }
              },
              {
                "category": "product_version",
                "name": "4.2.0.19",
                "product": {
                  "name": "IBM Tivoli Network Manager 4.2.0.19",
                  "product_id": "T033620-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:tivoli_network_manager:4.2.0.19"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Tivoli Network Manager"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "3.1",
                "product": {
                  "name": "IBM VIOS 3.1",
                  "product_id": "1039165",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:vios:3.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "4.1",
                "product": {
                  "name": "IBM VIOS 4.1",
                  "product_id": "1522854",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:vios:4.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "VIOS"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "8.5",
                "product": {
                  "name": "IBM WebSphere Application Server 8.5",
                  "product_id": "703851",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:websphere_application_server:8.5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9",
                "product": {
                  "name": "IBM WebSphere Application Server 9.0",
                  "product_id": "703852",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:websphere_application_server:9.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "WebSphere Application Server"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "8.5",
                "product": {
                  "name": "IBM WebSphere Service Registry and Repository 8.5",
                  "product_id": "306235",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:websphere_service_registry_and_repository:8.5"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "WebSphere Service Registry and Repository"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Kyocera Printer",
            "product": {
              "name": "Kyocera Printer",
              "product_id": "T015471",
              "product_identification_helper": {
                "cpe": "cpe:/h:kyocera:printer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Kyocera"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source CentOS",
            "product": {
              "name": "Open Source CentOS",
              "product_id": "1727",
              "product_identification_helper": {
                "cpe": "cpe:/o:centos:centos:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "for JDK 21.0.1",
                "product": {
                  "name": "Oracle GraalVM for JDK 21.0.1",
                  "product_id": "T032163",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:graalvm:21.0.1::for_jdk"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "for JDK 17.0.9",
                "product": {
                  "name": "Oracle GraalVM for JDK 17.0.9",
                  "product_id": "T032164",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:graalvm:17.0.9::for_jdk"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Enterprise Edition 20.3.12",
                "product": {
                  "name": "Oracle GraalVM Enterprise Edition 20.3.12",
                  "product_id": "T032165",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:graalvm:20.3.12::enterprise_edition"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Enterprise Edition 21.3.8",
                "product": {
                  "name": "Oracle GraalVM Enterprise Edition 21.3.8",
                  "product_id": "T032169",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:graalvm:21.3.8::enterprise_edition"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "GraalVM"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "21.3.8",
                "product": {
                  "name": "Oracle Java SE 21.3.8",
                  "product_id": "T032114",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:java_se:21.3.8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "22.3.4",
                "product": {
                  "name": "Oracle Java SE 22.3.4",
                  "product_id": "T032115",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:java_se:22.3.4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "11.0.21",
                "product": {
                  "name": "Oracle Java SE 11.0.21",
                  "product_id": "T032116",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:java_se:11.0.21"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "17.0.9",
                "product": {
                  "name": "Oracle Java SE 17.0.9",
                  "product_id": "T032117",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:java_se:17.0.9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8u391",
                "product": {
                  "name": "Oracle Java SE 8u391",
                  "product_id": "T032167",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:java_se:8u391"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "21.0.1",
                "product": {
                  "name": "Oracle Java SE 21.0.1",
                  "product_id": "T032168",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:java_se:21.0.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Java SE"
          },
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2024.2",
                "product": {
                  "name": "SolarWinds Security Event Manager \u003c2024.2",
                  "product_id": "T034244"
                }
              },
              {
                "category": "product_version",
                "name": "2024.2",
                "product": {
                  "name": "SolarWinds Security Event Manager 2024.2",
                  "product_id": "T034244-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:solarwinds:security_event_manager:2024.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Security Event Manager"
          }
        ],
        "category": "vendor",
        "name": "SolarWinds"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-44487",
      "product_status": {
        "known_affected": [
          "T005246",
          "T033356",
          "T010951",
          "T035615",
          "T034440",
          "T032183",
          "T004914",
          "703851",
          "T023629",
          "703852",
          "T034244",
          "T034441",
          "1139691",
          "T020642",
          "T032180",
          "398363",
          "T023630",
          "T033508",
          "T032115",
          "T032116",
          "T032114",
          "434967",
          "T032117",
          "1039165",
          "1522854",
          "T034450",
          "T012167",
          "T032672",
          "T032673",
          "T017562",
          "T022954",
          "T015471",
          "T021621",
          "T014381",
          "2951",
          "T002207",
          "444803",
          "T027843",
          "T004181",
          "T026238",
          "306235",
          "T033138",
          "T015905",
          "T033139",
          "T033810",
          "T015904",
          "T032168",
          "T015903",
          "T032169",
          "1048943",
          "T033813",
          "67646",
          "T033811",
          "T006712",
          "T033658",
          "T033812",
          "700367",
          "T034583",
          "T036366",
          "T032163",
          "T033332",
          "T032167",
          "T032164",
          "T032165",
          "T033331",
          "T039990",
          "T020304",
          "T025159",
          "T035828",
          "342008",
          "T021398",
          "T023373",
          "T034437",
          "T032256",
          "T033620",
          "T034518",
          "T034439",
          "T034438",
          "T033140",
          "410913",
          "T032252",
          "T032495",
          "T000126",
          "T040501",
          "T040500",
          "T007073",
          "T022212",
          "T033816",
          "1727"
        ]
      },
      "release_date": "2024-01-16T23:00:00.000+00:00",
      "title": "CVE-2023-44487"
    },
    {
      "cve": "CVE-2023-5072",
      "product_status": {
        "known_affected": [
          "T005246",
          "T033356",
          "T010951",
          "T035615",
          "T034440",
          "T032183",
          "T004914",
          "703851",
          "T023629",
          "703852",
          "T034244",
          "T034441",
          "1139691",
          "T020642",
          "T032180",
          "398363",
          "T023630",
          "T033508",
          "T032115",
          "T032116",
          "T032114",
          "434967",
          "T032117",
          "1039165",
          "1522854",
          "T034450",
          "T012167",
          "T032672",
          "T032673",
          "T017562",
          "T022954",
          "T015471",
          "T021621",
          "T014381",
          "2951",
          "T002207",
          "444803",
          "T027843",
          "T004181",
          "T026238",
          "306235",
          "T033138",
          "T015905",
          "T033139",
          "T033810",
          "T015904",
          "T032168",
          "T015903",
          "T032169",
          "1048943",
          "T033813",
          "67646",
          "T033811",
          "T006712",
          "T033658",
          "T033812",
          "700367",
          "T034583",
          "T036366",
          "T032163",
          "T033332",
          "T032167",
          "T032164",
          "T032165",
          "T033331",
          "T039990",
          "T020304",
          "T025159",
          "T035828",
          "342008",
          "T021398",
          "T023373",
          "T034437",
          "T032256",
          "T033620",
          "T034518",
          "T034439",
          "T034438",
          "T033140",
          "410913",
          "T032252",
          "T032495",
          "T000126",
          "T040501",
          "T040500",
          "T007073",
          "T022212",
          "T033816",
          "1727"
        ]
      },
      "release_date": "2024-01-16T23:00:00.000+00:00",
      "title": "CVE-2023-5072"
    },
    {
      "cve": "CVE-2024-20918",
      "product_status": {
        "known_affected": [
          "T005246",
          "T033356",
          "T010951",
          "T035615",
          "T034440",
          "T032183",
          "T004914",
          "703851",
          "T023629",
          "703852",
          "T034244",
          "T034441",
          "1139691",
          "T020642",
          "T032180",
          "398363",
          "T023630",
          "T033508",
          "T032115",
          "T032116",
          "T032114",
          "434967",
          "T032117",
          "1039165",
          "1522854",
          "T034450",
          "T012167",
          "T032672",
          "T032673",
          "T017562",
          "T022954",
          "T015471",
          "T021621",
          "T014381",
          "2951",
          "T002207",
          "444803",
          "T027843",
          "T004181",
          "T026238",
          "306235",
          "T033138",
          "T015905",
          "T033139",
          "T033810",
          "T015904",
          "T032168",
          "T015903",
          "T032169",
          "1048943",
          "T033813",
          "67646",
          "T033811",
          "T006712",
          "T033658",
          "T033812",
          "700367",
          "T034583",
          "T036366",
          "T032163",
          "T033332",
          "T032167",
          "T032164",
          "T032165",
          "T033331",
          "T039990",
          "T020304",
          "T025159",
          "T035828",
          "342008",
          "T021398",
          "T023373",
          "T034437",
          "T032256",
          "T033620",
          "T034518",
          "T034439",
          "T034438",
          "T033140",
          "410913",
          "T032252",
          "T032495",
          "T000126",
          "T040501",
          "T040500",
          "T007073",
          "T022212",
          "T033816",
          "1727"
        ]
      },
      "release_date": "2024-01-16T23:00:00.000+00:00",
      "title": "CVE-2024-20918"
    },
    {
      "cve": "CVE-2024-20919",
      "product_status": {
        "known_affected": [
          "T005246",
          "T033356",
          "T010951",
          "T035615",
          "T034440",
          "T032183",
          "T004914",
          "703851",
          "T023629",
          "703852",
          "T034244",
          "T034441",
          "1139691",
          "T020642",
          "T032180",
          "398363",
          "T023630",
          "T033508",
          "T032115",
          "T032116",
          "T032114",
          "434967",
          "T032117",
          "1039165",
          "1522854",
          "T034450",
          "T012167",
          "T032672",
          "T032673",
          "T017562",
          "T022954",
          "T015471",
          "T021621",
          "T014381",
          "2951",
          "T002207",
          "444803",
          "T027843",
          "T004181",
          "T026238",
          "306235",
          "T033138",
          "T015905",
          "T033139",
          "T033810",
          "T015904",
          "T032168",
          "T015903",
          "T032169",
          "1048943",
          "T033813",
          "67646",
          "T033811",
          "T006712",
          "T033658",
          "T033812",
          "700367",
          "T034583",
          "T036366",
          "T032163",
          "T033332",
          "T032167",
          "T032164",
          "T032165",
          "T033331",
          "T039990",
          "T020304",
          "T025159",
          "T035828",
          "342008",
          "T021398",
          "T023373",
          "T034437",
          "T032256",
          "T033620",
          "T034518",
          "T034439",
          "T034438",
          "T033140",
          "410913",
          "T032252",
          "T032495",
          "T000126",
          "T040501",
          "T040500",
          "T007073",
          "T022212",
          "T033816",
          "1727"
        ]
      },
      "release_date": "2024-01-16T23:00:00.000+00:00",
      "title": "CVE-2024-20919"
    },
    {
      "cve": "CVE-2024-20921",
      "product_status": {
        "known_affected": [
          "T005246",
          "T033356",
          "T010951",
          "T035615",
          "T034440",
          "T032183",
          "T004914",
          "703851",
          "T023629",
          "703852",
          "T034244",
          "T034441",
          "1139691",
          "T020642",
          "T032180",
          "398363",
          "T023630",
          "T033508",
          "T032115",
          "T032116",
          "T032114",
          "434967",
          "T032117",
          "1039165",
          "1522854",
          "T034450",
          "T012167",
          "T032672",
          "T032673",
          "T017562",
          "T022954",
          "T015471",
          "T021621",
          "T014381",
          "2951",
          "T002207",
          "444803",
          "T027843",
          "T004181",
          "T026238",
          "306235",
          "T033138",
          "T015905",
          "T033139",
          "T033810",
          "T015904",
          "T032168",
          "T015903",
          "T032169",
          "1048943",
          "T033813",
          "67646",
          "T033811",
          "T006712",
          "T033658",
          "T033812",
          "700367",
          "T034583",
          "T036366",
          "T032163",
          "T033332",
          "T032167",
          "T032164",
          "T032165",
          "T033331",
          "T039990",
          "T020304",
          "T025159",
          "T035828",
          "342008",
          "T021398",
          "T023373",
          "T034437",
          "T032256",
          "T033620",
          "T034518",
          "T034439",
          "T034438",
          "T033140",
          "410913",
          "T032252",
          "T032495",
          "T000126",
          "T040501",
          "T040500",
          "T007073",
          "T022212",
          "T033816",
          "1727"
        ]
      },
      "release_date": "2024-01-16T23:00:00.000+00:00",
      "title": "CVE-2024-20921"
    },
    {
      "cve": "CVE-2024-20922",
      "product_status": {
        "known_affected": [
          "T005246",
          "T033356",
          "T010951",
          "T035615",
          "T034440",
          "T032183",
          "T004914",
          "703851",
          "T023629",
          "703852",
          "T034244",
          "T034441",
          "1139691",
          "T020642",
          "T032180",
          "398363",
          "T023630",
          "T033508",
          "T032115",
          "T032116",
          "T032114",
          "434967",
          "T032117",
          "1039165",
          "1522854",
          "T034450",
          "T012167",
          "T032672",
          "T032673",
          "T017562",
          "T022954",
          "T015471",
          "T021621",
          "T014381",
          "2951",
          "T002207",
          "444803",
          "T027843",
          "T004181",
          "T026238",
          "306235",
          "T033138",
          "T015905",
          "T033139",
          "T033810",
          "T015904",
          "T032168",
          "T015903",
          "T032169",
          "1048943",
          "T033813",
          "67646",
          "T033811",
          "T006712",
          "T033658",
          "T033812",
          "700367",
          "T034583",
          "T036366",
          "T032163",
          "T033332",
          "T032167",
          "T032164",
          "T032165",
          "T033331",
          "T039990",
          "T020304",
          "T025159",
          "T035828",
          "342008",
          "T021398",
          "T023373",
          "T034437",
          "T032256",
          "T033620",
          "T034518",
          "T034439",
          "T034438",
          "T033140",
          "410913",
          "T032252",
          "T032495",
          "T000126",
          "T040501",
          "T040500",
          "T007073",
          "T022212",
          "T033816",
          "1727"
        ]
      },
      "release_date": "2024-01-16T23:00:00.000+00:00",
      "title": "CVE-2024-20922"
    },
    {
      "cve": "CVE-2024-20923",
      "product_status": {
        "known_affected": [
          "T005246",
          "T033356",
          "T010951",
          "T035615",
          "T034440",
          "T032183",
          "T004914",
          "703851",
          "T023629",
          "703852",
          "T034244",
          "T034441",
          "1139691",
          "T020642",
          "T032180",
          "398363",
          "T023630",
          "T033508",
          "T032115",
          "T032116",
          "T032114",
          "434967",
          "T032117",
          "1039165",
          "1522854",
          "T034450",
          "T012167",
          "T032672",
          "T032673",
          "T017562",
          "T022954",
          "T015471",
          "T021621",
          "T014381",
          "2951",
          "T002207",
          "444803",
          "T027843",
          "T004181",
          "T026238",
          "306235",
          "T033138",
          "T015905",
          "T033139",
          "T033810",
          "T015904",
          "T032168",
          "T015903",
          "T032169",
          "1048943",
          "T033813",
          "67646",
          "T033811",
          "T006712",
          "T033658",
          "T033812",
          "700367",
          "T034583",
          "T036366",
          "T032163",
          "T033332",
          "T032167",
          "T032164",
          "T032165",
          "T033331",
          "T039990",
          "T020304",
          "T025159",
          "T035828",
          "342008",
          "T021398",
          "T023373",
          "T034437",
          "T032256",
          "T033620",
          "T034518",
          "T034439",
          "T034438",
          "T033140",
          "410913",
          "T032252",
          "T032495",
          "T000126",
          "T040501",
          "T040500",
          "T007073",
          "T022212",
          "T033816",
          "1727"
        ]
      },
      "release_date": "2024-01-16T23:00:00.000+00:00",
      "title": "CVE-2024-20923"
    },
    {
      "cve": "CVE-2024-20925",
      "product_status": {
        "known_affected": [
          "T005246",
          "T033356",
          "T010951",
          "T035615",
          "T034440",
          "T032183",
          "T004914",
          "703851",
          "T023629",
          "703852",
          "T034244",
          "T034441",
          "1139691",
          "T020642",
          "T032180",
          "398363",
          "T023630",
          "T033508",
          "T032115",
          "T032116",
          "T032114",
          "434967",
          "T032117",
          "1039165",
          "1522854",
          "T034450",
          "T012167",
          "T032672",
          "T032673",
          "T017562",
          "T022954",
          "T015471",
          "T021621",
          "T014381",
          "2951",
          "T002207",
          "444803",
          "T027843",
          "T004181",
          "T026238",
          "306235",
          "T033138",
          "T015905",
          "T033139",
          "T033810",
          "T015904",
          "T032168",
          "T015903",
          "T032169",
          "1048943",
          "T033813",
          "67646",
          "T033811",
          "T006712",
          "T033658",
          "T033812",
          "700367",
          "T034583",
          "T036366",
          "T032163",
          "T033332",
          "T032167",
          "T032164",
          "T032165",
          "T033331",
          "T039990",
          "T020304",
          "T025159",
          "T035828",
          "342008",
          "T021398",
          "T023373",
          "T034437",
          "T032256",
          "T033620",
          "T034518",
          "T034439",
          "T034438",
          "T033140",
          "410913",
          "T032252",
          "T032495",
          "T000126",
          "T040501",
          "T040500",
          "T007073",
          "T022212",
          "T033816",
          "1727"
        ]
      },
      "release_date": "2024-01-16T23:00:00.000+00:00",
      "title": "CVE-2024-20925"
    },
    {
      "cve": "CVE-2024-20926",
      "product_status": {
        "known_affected": [
          "T005246",
          "T033356",
          "T010951",
          "T035615",
          "T034440",
          "T032183",
          "T004914",
          "703851",
          "T023629",
          "703852",
          "T034244",
          "T034441",
          "1139691",
          "T020642",
          "T032180",
          "398363",
          "T023630",
          "T033508",
          "T032115",
          "T032116",
          "T032114",
          "434967",
          "T032117",
          "1039165",
          "1522854",
          "T034450",
          "T012167",
          "T032672",
          "T032673",
          "T017562",
          "T022954",
          "T015471",
          "T021621",
          "T014381",
          "2951",
          "T002207",
          "444803",
          "T027843",
          "T004181",
          "T026238",
          "306235",
          "T033138",
          "T015905",
          "T033139",
          "T033810",
          "T015904",
          "T032168",
          "T015903",
          "T032169",
          "1048943",
          "T033813",
          "67646",
          "T033811",
          "T006712",
          "T033658",
          "T033812",
          "700367",
          "T034583",
          "T036366",
          "T032163",
          "T033332",
          "T032167",
          "T032164",
          "T032165",
          "T033331",
          "T039990",
          "T020304",
          "T025159",
          "T035828",
          "342008",
          "T021398",
          "T023373",
          "T034437",
          "T032256",
          "T033620",
          "T034518",
          "T034439",
          "T034438",
          "T033140",
          "410913",
          "T032252",
          "T032495",
          "T000126",
          "T040501",
          "T040500",
          "T007073",
          "T022212",
          "T033816",
          "1727"
        ]
      },
      "release_date": "2024-01-16T23:00:00.000+00:00",
      "title": "CVE-2024-20926"
    },
    {
      "cve": "CVE-2024-20932",
      "product_status": {
        "known_affected": [
          "T005246",
          "T033356",
          "T010951",
          "T035615",
          "T034440",
          "T032183",
          "T004914",
          "703851",
          "T023629",
          "703852",
          "T034244",
          "T034441",
          "1139691",
          "T020642",
          "T032180",
          "398363",
          "T023630",
          "T033508",
          "T032115",
          "T032116",
          "T032114",
          "434967",
          "T032117",
          "1039165",
          "1522854",
          "T034450",
          "T012167",
          "T032672",
          "T032673",
          "T017562",
          "T022954",
          "T015471",
          "T021621",
          "T014381",
          "2951",
          "T002207",
          "444803",
          "T027843",
          "T004181",
          "T026238",
          "306235",
          "T033138",
          "T015905",
          "T033139",
          "T033810",
          "T015904",
          "T032168",
          "T015903",
          "T032169",
          "1048943",
          "T033813",
          "67646",
          "T033811",
          "T006712",
          "T033658",
          "T033812",
          "700367",
          "T034583",
          "T036366",
          "T032163",
          "T033332",
          "T032167",
          "T032164",
          "T032165",
          "T033331",
          "T039990",
          "T020304",
          "T025159",
          "T035828",
          "342008",
          "T021398",
          "T023373",
          "T034437",
          "T032256",
          "T033620",
          "T034518",
          "T034439",
          "T034438",
          "T033140",
          "410913",
          "T032252",
          "T032495",
          "T000126",
          "T040501",
          "T040500",
          "T007073",
          "T022212",
          "T033816",
          "1727"
        ]
      },
      "release_date": "2024-01-16T23:00:00.000+00:00",
      "title": "CVE-2024-20932"
    },
    {
      "cve": "CVE-2024-20945",
      "product_status": {
        "known_affected": [
          "T005246",
          "T033356",
          "T010951",
          "T035615",
          "T034440",
          "T032183",
          "T004914",
          "703851",
          "T023629",
          "703852",
          "T034244",
          "T034441",
          "1139691",
          "T020642",
          "T032180",
          "398363",
          "T023630",
          "T033508",
          "T032115",
          "T032116",
          "T032114",
          "434967",
          "T032117",
          "1039165",
          "1522854",
          "T034450",
          "T012167",
          "T032672",
          "T032673",
          "T017562",
          "T022954",
          "T015471",
          "T021621",
          "T014381",
          "2951",
          "T002207",
          "444803",
          "T027843",
          "T004181",
          "T026238",
          "306235",
          "T033138",
          "T015905",
          "T033139",
          "T033810",
          "T015904",
          "T032168",
          "T015903",
          "T032169",
          "1048943",
          "T033813",
          "67646",
          "T033811",
          "T006712",
          "T033658",
          "T033812",
          "700367",
          "T034583",
          "T036366",
          "T032163",
          "T033332",
          "T032167",
          "T032164",
          "T032165",
          "T033331",
          "T039990",
          "T020304",
          "T025159",
          "T035828",
          "342008",
          "T021398",
          "T023373",
          "T034437",
          "T032256",
          "T033620",
          "T034518",
          "T034439",
          "T034438",
          "T033140",
          "410913",
          "T032252",
          "T032495",
          "T000126",
          "T040501",
          "T040500",
          "T007073",
          "T022212",
          "T033816",
          "1727"
        ]
      },
      "release_date": "2024-01-16T23:00:00.000+00:00",
      "title": "CVE-2024-20945"
    },
    {
      "cve": "CVE-2024-20952",
      "product_status": {
        "known_affected": [
          "T005246",
          "T033356",
          "T010951",
          "T035615",
          "T034440",
          "T032183",
          "T004914",
          "703851",
          "T023629",
          "703852",
          "T034244",
          "T034441",
          "1139691",
          "T020642",
          "T032180",
          "398363",
          "T023630",
          "T033508",
          "T032115",
          "T032116",
          "T032114",
          "434967",
          "T032117",
          "1039165",
          "1522854",
          "T034450",
          "T012167",
          "T032672",
          "T032673",
          "T017562",
          "T022954",
          "T015471",
          "T021621",
          "T014381",
          "2951",
          "T002207",
          "444803",
          "T027843",
          "T004181",
          "T026238",
          "306235",
          "T033138",
          "T015905",
          "T033139",
          "T033810",
          "T015904",
          "T032168",
          "T015903",
          "T032169",
          "1048943",
          "T033813",
          "67646",
          "T033811",
          "T006712",
          "T033658",
          "T033812",
          "700367",
          "T034583",
          "T036366",
          "T032163",
          "T033332",
          "T032167",
          "T032164",
          "T032165",
          "T033331",
          "T039990",
          "T020304",
          "T025159",
          "T035828",
          "342008",
          "T021398",
          "T023373",
          "T034437",
          "T032256",
          "T033620",
          "T034518",
          "T034439",
          "T034438",
          "T033140",
          "410913",
          "T032252",
          "T032495",
          "T000126",
          "T040501",
          "T040500",
          "T007073",
          "T022212",
          "T033816",
          "1727"
        ]
      },
      "release_date": "2024-01-16T23:00:00.000+00:00",
      "title": "CVE-2024-20952"
    },
    {
      "cve": "CVE-2024-20955",
      "product_status": {
        "known_affected": [
          "T005246",
          "T033356",
          "T010951",
          "T035615",
          "T034440",
          "T032183",
          "T004914",
          "703851",
          "T023629",
          "703852",
          "T034244",
          "T034441",
          "1139691",
          "T020642",
          "T032180",
          "398363",
          "T023630",
          "T033508",
          "T032115",
          "T032116",
          "T032114",
          "434967",
          "T032117",
          "1039165",
          "1522854",
          "T034450",
          "T012167",
          "T032672",
          "T032673",
          "T017562",
          "T022954",
          "T015471",
          "T021621",
          "T014381",
          "2951",
          "T002207",
          "444803",
          "T027843",
          "T004181",
          "T026238",
          "306235",
          "T033138",
          "T015905",
          "T033139",
          "T033810",
          "T015904",
          "T032168",
          "T015903",
          "T032169",
          "1048943",
          "T033813",
          "67646",
          "T033811",
          "T006712",
          "T033658",
          "T033812",
          "700367",
          "T034583",
          "T036366",
          "T032163",
          "T033332",
          "T032167",
          "T032164",
          "T032165",
          "T033331",
          "T039990",
          "T020304",
          "T025159",
          "T035828",
          "342008",
          "T021398",
          "T023373",
          "T034437",
          "T032256",
          "T033620",
          "T034518",
          "T034439",
          "T034438",
          "T033140",
          "410913",
          "T032252",
          "T032495",
          "T000126",
          "T040501",
          "T040500",
          "T007073",
          "T022212",
          "T033816",
          "1727"
        ]
      },
      "release_date": "2024-01-16T23:00:00.000+00:00",
      "title": "CVE-2024-20955"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-20922 (GCVE-0-2024-20922)

OPENSUSE-SU-2024:13609-1

WID-SEC-W-2024-0121

Tags

Sightings

Nomenclature