Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-6387 (GCVE-0-2024-6387)
Vulnerability from cvelistv5 – Published: 2024-07-01 12:37 – Updated: 2026-05-12 11:39
VLAI
EPSS
Title
Openssh: regresshion - race condition in ssh allows rce/dos
Summary
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
Severity
8.1 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-364 - Signal Handler Race Condition
Assigner
References
81 references
Impacted products
22 products
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
8.5p1 , ≤ 9.7p1
(custom)
|
|||
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
0:8.7p1-38.el9_4.1 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos |
|
| Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions |
Unaffected:
0:8.7p1-12.el9_0.1 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:9.0::appstream cpe:/o:redhat:rhel_e4s:9.0::baseos |
|
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support |
Unaffected:
0:8.7p1-30.el9_2.4 , < *
(rpm)
cpe:/o:redhat:rhel_eus:9.2::baseos cpe:/a:redhat:rhel_eus:9.2::appstream |
|
| Red Hat | Red Hat OpenShift Container Platform 4.13 |
Unaffected:
413.92.202407091321-0 , < *
(rpm)
cpe:/a:redhat:openshift:4.13::el9 cpe:/a:redhat:openshift:4.13::el8 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.14 |
Unaffected:
414.92.202407091253-0 , < *
(rpm)
cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.15 |
Unaffected:
415.92.202407091355-0 , < *
(rpm)
cpe:/a:redhat:openshift:4.15::el8 cpe:/a:redhat:openshift:4.15::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.16 |
Unaffected:
416.94.202407081958-0 , < *
(rpm)
cpe:/a:redhat:openshift:4.16::el9 |
|
| Red Hat | Red Hat Ceph Storage 5 |
cpe:/a:redhat:ceph_storage:5 |
|
| Red Hat | Red Hat Ceph Storage 6 |
cpe:/a:redhat:ceph_storage:6 |
|
| Red Hat | Red Hat Ceph Storage 7 |
cpe:/a:redhat:ceph_storage:7 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Siemens | Industrial Edge Management OS (IEM-OS) |
Affected:
0 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SINAMICS IIoT module |
Affected:
0 , < V1.0 HF1
(custom)
|
|
| Siemens | SINEMA Remote Connect Server |
Affected:
0 , < V3.2 SP2
(custom)
|
|
| Siemens | SINUMERIK ONE |
Affected:
0 , < V6.24
(custom)
|
|
| Siemens | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
Date Public
2024-07-01 08:00
Credits
Red Hat would like to thank Qualys Threat Research Unit (TRU) (Qualys) for reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6387",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T13:18:34.695298Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T13:18:46.662Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-04-24T18:35:27.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387"
},
{
"url": "https://www.exploit-db.com/exploits/52269"
},
{
"url": "https://packetstorm.news/files/id/190587/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/01/12"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/01/13"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/02/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/11"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/5"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/04/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/04/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/08/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/08/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/09/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/09/5"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/6"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/11/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/11/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/23/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/23/6"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/28/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/28/3"
},
{
"name": "RHSA-2024:4312",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4312"
},
{
"name": "RHSA-2024:4340",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4340"
},
{
"name": "RHSA-2024:4389",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4389"
},
{
"name": "RHSA-2024:4469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4469"
},
{
"name": "RHSA-2024:4474",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4474"
},
{
"name": "RHSA-2024:4479",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4479"
},
{
"name": "RHSA-2024:4484",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4484"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-6387"
},
{
"tags": [
"x_transferred"
],
"url": "https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/"
},
{
"tags": [
"x_transferred"
],
"url": "https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server"
},
{
"name": "RHBZ#2294604",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604"
},
{
"tags": [
"x_transferred"
],
"url": "https://explore.alas.aws.amazon.com/CVE-2024-6387.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://forum.vmssoftware.com/viewtopic.php?f=8\u0026t=9132"
},
{
"tags": [
"x_transferred"
],
"url": "https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/AlmaLinux/updates/issues/629"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Azure/AKS/issues/4379"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/PowerShell/Win32-OpenSSH/discussions/2248"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2249"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/microsoft/azurelinux/issues/9555"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/oracle/oracle-linux/issues/149"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rapier1/hpn-ssh/issues/87"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/zgzhang/cve-2024-6387-poc"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=40843778"
},
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010"
},
{
"tags": [
"x_transferred"
],
"url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2024-6387"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240701-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://sig-security.rocky.page/issues/CVE-2024-6387/"
},
{
"tags": [
"x_transferred"
],
"url": "https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2024-6387"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/notices/USN-6859-1"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openssh.com/txt/release-9.8"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.suse.com/security/cve/CVE-2024-6387.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.theregister.com/2024/07/01/regresshion_openssh/"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214119"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214118"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214120"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jul/20"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jul/18"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jul/19"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "Industrial Edge Management OS (IEM-OS)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS IIoT module",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.0 HF1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINEMA Remote Connect Server",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.2 SP2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINUMERIK ONE",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.24",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T11:39:26.672Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-446545.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.openssh.com/",
"defaultStatus": "unaffected",
"packageName": "OpenSSH",
"repo": "https://anongit.mindrot.org/openssh.git",
"versions": [
{
"lessThanOrEqual": "9.7p1",
"status": "affected",
"version": "8.5p1",
"versionType": "custom"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/o:redhat:enterprise_linux:9::baseos"
],
"defaultStatus": "affected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.7p1-38.el9_4.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/o:redhat:enterprise_linux:9::baseos"
],
"defaultStatus": "affected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.7p1-38.el9_4.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::appstream",
"cpe:/o:redhat:rhel_e4s:9.0::baseos"
],
"defaultStatus": "affected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.7p1-12.el9_0.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_eus:9.2::baseos",
"cpe:/a:redhat:rhel_eus:9.2::appstream"
],
"defaultStatus": "affected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.7p1-30.el9_2.4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.13::el9",
"cpe:/a:redhat:openshift:4.13::el8"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "413.92.202407091321-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.14::el8",
"cpe:/a:redhat:openshift:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "414.92.202407091253-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.15::el8",
"cpe:/a:redhat:openshift:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "415.92.202407091355-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "416.94.202407081958-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ceph_storage:5"
],
"defaultStatus": "unaffected",
"packageName": "openssh",
"product": "Red Hat Ceph Storage 5",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ceph_storage:6"
],
"defaultStatus": "unaffected",
"packageName": "openssh",
"product": "Red Hat Ceph Storage 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ceph_storage:7"
],
"defaultStatus": "unaffected",
"packageName": "openssh",
"product": "Red Hat Ceph Storage 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Qualys Threat Research Unit (TRU) (Qualys) for reporting this issue."
}
],
"datePublic": "2024-07-01T08:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-364",
"description": "Signal Handler Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T06:17:03.387Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:4312",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4312"
},
{
"name": "RHSA-2024:4340",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4340"
},
{
"name": "RHSA-2024:4389",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4389"
},
{
"name": "RHSA-2024:4469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4469"
},
{
"name": "RHSA-2024:4474",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4474"
},
{
"name": "RHSA-2024:4479",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4479"
},
{
"name": "RHSA-2024:4484",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4484"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-6387"
},
{
"name": "RHBZ#2294604",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604"
},
{
"url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html"
},
{
"url": "https://www.openssh.com/txt/release-9.8"
},
{
"url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-06-27T00:00:00.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-07-01T08:00:00.000Z",
"value": "Made public."
}
],
"title": "Openssh: regresshion - race condition in ssh allows rce/dos",
"workarounds": [
{
"lang": "en",
"value": "The below process can protect against a Remote Code Execution attack by disabling the LoginGraceTime parameter on Red Hat Enterprise Linux 9. However, the sshd server is still vulnerable to a Denial of Service if an attacker exhausts all the connections.\n\n1) As root user, open the /etc/ssh/sshd_config\n2) Add or edit the parameter configuration:\n~~~\nLoginGraceTime 0\n~~~\n3) Save and close the file\n4) Restart the sshd daemon:\n~~~\nsystemctl restart sshd.service\n~~~\n\nSetting LoginGraceTime to 0 disables the SSHD server\u0027s ability to drop connections if authentication is not completed within the specified timeout. If this mitigation is implemented, it is highly recommended to use a tool like \u0027fail2ban\u0027 alongside a firewall to monitor log files and manage connections appropriately.\n\nIf any of the mitigations mentioned above is used, please note that the removal of LoginGraceTime parameter from sshd_config is not automatic when the updated package is installed."
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-364: Signal Handler Race Condition"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-6387",
"datePublished": "2024-07-01T12:37:25.431Z",
"dateReserved": "2024-06-27T13:41:03.421Z",
"dateUpdated": "2026-05-12T11:39:26.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-6387",
"date": "2026-06-28",
"epss": "0.99506",
"percentile": "0.99939"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.4\", \"matchCriteriaId\": \"1102FFF5-77B1-400E-93F8-AC6CFE2CC93C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.6\", \"versionEndExcluding\": \"9.8\", \"matchCriteriaId\": \"EC13B91D-82A4-48B1-83AB-EC129C83D316\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openbsd:openssh:4.4:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"4C37CBBB-A4AA-40D0-9609-0620FDC12BA8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openbsd:openssh:8.5:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7945F60B-460E-4CA6-9EB4-BEE663386D50\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"932D137F-528B-4526-9A89-CD59FA1AB0FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B03506D7-0FCD-47B7-90F6-DDEEB5C5A733\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F7DAD7C-9369-4A87-A1D0-4208D3AF0CDC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"01363FFA-F7A6-43FC-8D47-E67F95410095\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB056B47-1F45-4CE4-81F6-872F66C24C29\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F843B777-5C64-4CAE-80D6-89DC2C9515B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC3CBA5D-9E5D-4C46-B37E-7BB35BE8DADB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39D345D3-108A-4551-A112-5EE51991411A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_micro:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09F471C6-69AF-4E78-8143-17E783C80B9F\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"46D69DCC-AE4D-4EA5-861C-D60951444C6C\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"359012F1-2C63-415A-88B8-6726A87830DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:22.10:*:*:*:-:*:*:*\", \"matchCriteriaId\": \"47842532-D2B6-44CB-ADE2-4AC8630A4D8C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"21538C5B-A130-411E-B5F7-BBBA4C9D488A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:amazon:linux_2023:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D4BE4FC-249C-4B58-9513-BF482444CB64\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.0.0\", \"versionEndIncluding\": \"11.70.2\", \"matchCriteriaId\": \"8C5DA53D-744B-4087-AEA9-257F18949E4D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E7CF3019-975D-40BB-A8A4-894E62BD3797\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*\", \"matchCriteriaId\": \"C2D814BE-93EC-42EF-88C5-EA7E7DF07BE5\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:13.2:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"A87EFA20-DD6B-41C5-98FD-A29F67D2E732\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:13.2:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"2888B0C1-4D85-42EC-9696-03FAD0A9C28F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:13.2:p10:*:*:*:*:*:*\", \"matchCriteriaId\": \"556F4943-7BA4-4E09-94B3-4515DC3C7807\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:13.2:p11:*:*:*:*:*:*\", \"matchCriteriaId\": \"6AFEC561-D79B-498B-B59D-1D82B21BDF1A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:13.2:p2:*:*:*:*:*:*\", \"matchCriteriaId\": \"A3306F11-D3C0-41D6-BB5E-2ABDC3927715\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:13.2:p3:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E584FE1-3A34-492B-B10F-508DA7CBA768\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:13.2:p4:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5605E90-D125-4CC9-8B9F-F5EED9D4EE0C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:13.2:p5:*:*:*:*:*:*\", \"matchCriteriaId\": \"761B4382-E857-4868-9F80-189B7F60256B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:13.2:p6:*:*:*:*:*:*\", \"matchCriteriaId\": \"51B17801-15FD-4425-BA6C-BE06B14F1BFE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:13.2:p7:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9CAFF74-AD36-4D29-83F3-23E0417C485D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:13.2:p8:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B2D2A82-BFFE-45FE-9F79-4AF12C6DE69D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:13.2:p9:*:*:*:*:*:*\", \"matchCriteriaId\": \"E7A81663-047E-4328-BE3A-CF65AB55B29F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:13.3:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"17DAE911-21E1-4182-85A0-B9F0059DDA7F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:13.3:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"ABEA48EC-24EA-4106-9465-CE66B938635F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:13.3:p2:*:*:*:*:*:*\", \"matchCriteriaId\": \"8DFB5BD0-E777-4CAA-B2E0-3F3357D06D01\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:13.3:p3:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC8C769C-A23E-4F61-AC42-4DA64421B096\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:14.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA25530A-133C-4D7C-8993-D5C42D79A0B5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:14.0:beta5:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB7B021E-F4AD-44AC-96AB-8ACAF8AB1B88\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:14.0:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"69A72B5A-2189-4700-8E8B-1E5E7CA86C40\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:14.0:p2:*:*:*:*:*:*\", \"matchCriteriaId\": \"5771F187-281B-4680-B562-EFC7441A8F88\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:14.0:p3:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A4437F5-9DDA-4769-974E-23BFA085E0DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:14.0:p4:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9C3A3D4-C9F4-41EB-B532-821AF83470B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:14.0:p5:*:*:*:*:*:*\", \"matchCriteriaId\": \"878A1F0A-087F-47D7-9CA5-A54BB8D6676A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:14.0:p6:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE73CDC3-B5A7-4921-89C6-8F9DC426CB3E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:14.0:p7:*:*:*:*:*:*\", \"matchCriteriaId\": \"50A5E650-31FB-45BE-8827-641B58A83E45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:14.0:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"038E5B85-7F60-4D71-8D3F-EDBF6E036CE0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF309824-D379-4749-A1FA-BCB2987DD671\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:14.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"79D770C6-7A57-4A49-8164-C55391F62301\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:14.1:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"AA813990-8C8F-4EE8-9F2B-9F73C510A7B2\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"10.0.0\", \"matchCriteriaId\": \"A6A2EBE8-012E-470E-9E56-56ACBE345F78\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.\"}, {\"lang\": \"es\", \"value\": \"Se encontr\\u00f3 una condici\\u00f3n de ejecuci\\u00f3n del controlador de se\\u00f1ales en el servidor de OpenSSH (sshd), donde un cliente no se autentica dentro de los segundos de LoginGraceTime (120 de forma predeterminada, 600 en versiones anteriores de OpenSSH), luego se llama al controlador SIGALRM de sshd de forma asincr\\u00f3nica. Sin embargo, este controlador de se\\u00f1ales llama a varias funciones que no son seguras para se\\u00f1ales as\\u00edncronas, por ejemplo, syslog().\"}]",
"id": "CVE-2024-6387",
"lastModified": "2024-11-21T09:49:33.050",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 5.9}]}",
"published": "2024-07-01T13:15:06.467",
"references": "[{\"url\": \"https://access.redhat.com/errata/RHSA-2024:4312\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4340\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4389\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4469\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4474\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4479\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4484\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-6387\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2294604\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://santandersecurityresearch.github.io/blog/sshing_the_masses.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.openssh.com/txt/release-9.8\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Jul/18\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Jul/19\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Jul/20\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/01/12\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/01/13\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/02/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/03/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/03/11\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/03/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/03/3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/03/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/03/5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/04/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/04/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/08/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/08/3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/09/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/09/5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/10/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/10/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/10/3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/10/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/10/6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/11/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/11/3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/23/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/23/6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/28/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/28/3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4312\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4340\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4389\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4469\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4474\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4479\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4484\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-6387\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2294604\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://explore.alas.aws.amazon.com/CVE-2024-6387.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://forum.vmssoftware.com/viewtopic.php?f=8\u0026t=9132\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/AlmaLinux/updates/issues/629\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/Azure/AKS/issues/4379\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/discussions/2248\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/issues/2249\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/microsoft/azurelinux/issues/9555\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/oracle/oracle-linux/issues/149\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/rapier1/hpn-ssh/issues/87\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/zgzhang/cve-2024-6387-poc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://news.ycombinator.com/item?id=40843778\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://santandersecurityresearch.github.io/blog/sshing_the_masses.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2024-6387\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240701-0001/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://sig-security.rocky.page/issues/CVE-2024-6387/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.apple.com/kb/HT214118\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.apple.com/kb/HT214119\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.apple.com/kb/HT214120\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://ubuntu.com/security/CVE-2024-6387\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://ubuntu.com/security/notices/USN-6859-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.openssh.com/txt/release-9.8\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.suse.com/security/cve/CVE-2024-6387.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.theregister.com/2024/07/01/regresshion_openssh/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-364\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-362\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-6387\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2024-07-01T13:15:06.467\",\"lastModified\":\"2026-06-17T08:17:54.667\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una condici\u00f3n de ejecuci\u00f3n del controlador de se\u00f1ales en el servidor de OpenSSH (sshd), donde un cliente no se autentica dentro de los segundos de LoginGraceTime (120 de forma predeterminada, 600 en versiones anteriores de OpenSSH), luego se llama al controlador SIGALRM de sshd de forma asincr\u00f3nica. Sin embargo, este controlador de se\u00f1ales llama a varias funciones que no son seguras para se\u00f1ales as\u00edncronas, por ejemplo, syslog().\"}],\"affected\":[{\"source\":\"secalert@redhat.com\",\"affectedData\":[{\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://www.openssh.com/\",\"packageName\":\"OpenSSH\",\"repo\":\"https://anongit.mindrot.org/openssh.git\",\"versions\":[{\"version\":\"8.5p1\",\"lessThanOrEqual\":\"9.7p1\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openssh\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:9::appstream\",\"cpe:/o:redhat:enterprise_linux:9::baseos\"],\"versions\":[{\"version\":\"0:8.7p1-38.el9_4.1\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openssh\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:9::appstream\",\"cpe:/o:redhat:enterprise_linux:9::baseos\"],\"versions\":[{\"version\":\"0:8.7p1-38.el9_4.1\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openssh\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:9.0::appstream\",\"cpe:/o:redhat:rhel_e4s:9.0::baseos\"],\"versions\":[{\"version\":\"0:8.7p1-12.el9_0.1\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9.2 Extended Update Support\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openssh\",\"cpes\":[\"cpe:/o:redhat:rhel_eus:9.2::baseos\",\"cpe:/a:redhat:rhel_eus:9.2::appstream\"],\"versions\":[{\"version\":\"0:8.7p1-30.el9_2.4\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.13\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"rhcos\",\"cpes\":[\"cpe:/a:redhat:openshift:4.13::el9\",\"cpe:/a:redhat:openshift:4.13::el8\"],\"versions\":[{\"version\":\"413.92.202407091321-0\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.14\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"rhcos\",\"cpes\":[\"cpe:/a:redhat:openshift:4.14::el8\",\"cpe:/a:redhat:openshift:4.14::el9\"],\"versions\":[{\"version\":\"414.92.202407091253-0\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.15\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"rhcos\",\"cpes\":[\"cpe:/a:redhat:openshift:4.15::el8\",\"cpe:/a:redhat:openshift:4.15::el9\"],\"versions\":[{\"version\":\"415.92.202407091355-0\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.16\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"rhcos\",\"cpes\":[\"cpe:/a:redhat:openshift:4.16::el9\"],\"versions\":[{\"version\":\"416.94.202407081958-0\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ceph Storage 5\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openssh\",\"cpes\":[\"cpe:/a:redhat:ceph_storage:5\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ceph Storage 6\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openssh\",\"cpes\":[\"cpe:/a:redhat:ceph_storage:6\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ceph Storage 7\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openssh\",\"cpes\":[\"cpe:/a:redhat:ceph_storage:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openssh\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 6\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openssh\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:6\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 7\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openssh\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 8\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openssh\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8\"]}]},{\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"affectedData\":[{\"vendor\":\"Siemens\",\"product\":\"Industrial Edge Management OS (IEM-OS)\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SINAMICS IIoT module\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V1.0 HF1\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SINEMA Remote Connect Server\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.2 SP2\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SINUMERIK ONE\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V6.24\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2024-07-02T13:18:34.695298Z\",\"id\":\"CVE-2024-6387\",\"options\":[{\"exploitation\":\"poc\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"total\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-364\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-362\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sonicwall:sma_6200_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92EF92CC-8175-4319-A529-AF979BAE5FCE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sonicwall:sma_6200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17BDC1B0-BE6A-4680-A78E-5338AD709095\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sonicwall:sma_7200_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FCBF1E6-3A6E-430A-AB34-AA48D4478C5F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sonicwall:sma_7200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C366A02-074C-4F98-AE68-30E0FF85CD00\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.32.0\",\"versionEndIncluding\":\"4.32.1f\",\"matchCriteriaId\":\"A5DA3089-31AA-499E-9C23-788503BE55B7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:23.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"602CE21C-E1A9-4407-A504-CF4E58F596F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:24.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"BF90B5A4-6E55-4369-B9D4-E7A061E797D2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:almalinux:almalinux:9.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"57B93E9A-1483-4FF7-BF45-BD0D7D9F1747\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sonicwall:sma_6210_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F87F7D08-7A28-493A-96BB-74C142109F8D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sonicwall:sma_6210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0734D1E1-2F59-4832-875F-AB03994B8992\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sonicwall:sma_7210_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7592AE3D-D749-4494-9A55-71E2FD9BDFC0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sonicwall:sma_7210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A15BA659-19D1-49AA-B249-EAE5E63B9B9A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sonicwall:sma_8200v_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CE83596-82B9-4656-8E50-50D79DF06FB0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sonicwall:sma_8200v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68369A76-B0C3-4736-9EE6-4E0034111591\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sonicwall:sra_ex_7000_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCF845D8-65AE-4165-9742-B56E86AB7D21\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sonicwall:sra_ex_7000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D435EFD-7B02-4921-8AC5-BBF07277F4B2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a1k_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F65C59D-249A-4790-892C-B78CF82E51CF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a1k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E0E9D71-AF09-41F4-A1C7-94F616AF2832\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a70_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F7D6B02-55FE-4BF1-8607-A0D703E61055\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a70:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0FFEBCB-88AF-4AB2-A347-FB9420D2302A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a90_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"550C1E38-56A3-4676-9D28-D66F66BA2FC8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a90:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4812740A-7E14-4B43-8E08-3FACA2585B48\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDD92BFA-9117-4E6E-A13F-ED064B4B7284\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B7DA42F-5D64-4967-A2D4-6210FE507841\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:8300_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E73901F-666D-4D8B-BDFD-93DD2F70C74B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:8300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0FD5AED-42CF-4918-B32C-D675738EF15C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:8700_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34B25BEF-8708-4E2C-8BA6-EBCD5267EB04\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:8700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE0F11D2-B5D9-46B4-BFC5-C86BC87D516A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a400_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04E3BD77-8915-4FFC-8483-5DB5D610F829\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97E94ECB-BB51-4364-BEDD-8648C193196F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:c400_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AC7AD92-8B33-4137-A4EC-08641E4AF857\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:c400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD443748-B0D1-4C1A-A62E-BD5FB5967370\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1236B66D-EB11-4324-929F-E2B86683C3C7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"281DFC67-46BB-4FC2-BE03-3C65C9311F65\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECF32BB1-9A58-4821-AE49-5D5C8200631F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F21DE67F-CDFD-4D36-9967-633CD0240C6F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:c250_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1AB1EC2-2560-494A-A51B-6F20CE318FEB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:c250:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58DE2B52-4E49-4CD0-9310-00291B0352C7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a800_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B36CECA5-4545-49C2-92EB-B739407B207F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8E7549A-DE35-4274-B3F6-22D51C7A6613\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:c800_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5AE3364-DB2D-4543-B1E2-175BF8BEBEE7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:c800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B64173B9-2A11-4390-AC76-7DD94F0CD305\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a900_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93B9B933-7D69-4B33-8983-C1CEC000B38B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a900:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"641290E6-558D-439F-AEBA-8F7BFF3D5C74\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a9500_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEAA16D1-1E27-4128-BA14-5A0C59340EAA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a9500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1C0A781-C3E2-4B41-8A30-FAD9E826270E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:c190_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75A43965-CB2E-4C28-AFC3-1ADE7A6B845C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:c190:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D421A96-E6E9-4B27-ADE0-D8E87A82EEDE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a150_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"775078AE-16E0-4AF6-9022-372FC2852107\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a150:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17D14D7F-E8E5-4669-8DB4-C634D0705EE9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a220_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F2D2745-242C-4603-899E-70C9025BDDD2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a220:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFB4541D-5EF7-4266-BFF3-2DDEC95E8012\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:fas2720_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7FD1DA9-7980-4643-B378-7095892DA176\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:fas2720:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"347E9E3E-941C-4109-B59F-B9BB05486B34\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:fas2750_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD661062-0D5B-4671-9D92-FEF8D7395C1E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:fas2750:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8155BF5F-DD1B-4AB4-81F8-9BCE6A8821AE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:fas2820_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F997DB9A-AF66-4CE1-B33B-A04493ECBA19\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:fas2820:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0E8CD85-6C01-4B70-A1AA-750B46295194\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95BA156C-C977-4F0C-8DFB-3FAE9CC8C02D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD7447BC-F315-4298-A822-549942FC118B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0\",\"versionEndExcluding\":\"12.7.6\",\"matchCriteriaId\":\"EA924D87-8FAE-4E34-83F7-A5E25C7450E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.0\",\"versionEndExcluding\":\"13.6.8\",\"matchCriteriaId\":\"7008225C-B5B9-4F87-9392-DD2080717E9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0\",\"versionEndExcluding\":\"14.6\",\"matchCriteriaId\":\"51E2E93B-C5A3-4C83-B806-2EC555AD45FE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.4\",\"matchCriteriaId\":\"1102FFF5-77B1-400E-93F8-AC6CFE2CC93C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.6\",\"versionEndIncluding\":\"9.8\",\"matchCriteriaId\":\"F45F69D6-7E32-4483-9EFC-63697CDDD22C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:4.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C37CBBB-A4AA-40D0-9609-0620FDC12BA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:8.5:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7945F60B-460E-4CA6-9EB4-BEE663386D50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:8.6:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB66ECE1-715A-4074-9355-E3512F7BCDBB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"932D137F-528B-4526-9A89-CD59FA1AB0FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B03506D7-0FCD-47B7-90F6-DDEEB5C5A733\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F7DAD7C-9369-4A87-A1D0-4208D3AF0CDC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01363FFA-F7A6-43FC-8D47-E67F95410095\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB056B47-1F45-4CE4-81F6-872F66C24C29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F843B777-5C64-4CAE-80D6-89DC2C9515B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC3CBA5D-9E5D-4C46-B37E-7BB35BE8DADB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39D345D3-108A-4551-A112-5EE51991411A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_micro:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09F471C6-69AF-4E78-8143-17E783C80B9F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46D69DCC-AE4D-4EA5-861C-D60951444C6C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"359012F1-2C63-415A-88B8-6726A87830DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:22.10:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"47842532-D2B6-44CB-ADE2-4AC8630A4D8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"21538C5B-A130-411E-B5F7-BBBA4C9D488A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amazon:amazon_linux:2023.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7D34E98-F549-4261-A42D-B37066C638B4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndIncluding\":\"11.70.2\",\"matchCriteriaId\":\"8C5DA53D-744B-4087-AEA9-257F18949E4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap:9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A20333EE-4C13-426E-8B54-D78679D5DDB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7CF3019-975D-40BB-A8A4-894E62BD3797\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"C2D814BE-93EC-42EF-88C5-EA7E7DF07BE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap_tools:10:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"5333B745-F7A3-46CB-8437-8668DB08CD6F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A87EFA20-DD6B-41C5-98FD-A29F67D2E732\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2888B0C1-4D85-42EC-9696-03FAD0A9C28F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"556F4943-7BA4-4E09-94B3-4515DC3C7807\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AFEC561-D79B-498B-B59D-1D82B21BDF1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3306F11-D3C0-41D6-BB5E-2ABDC3927715\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E584FE1-3A34-492B-B10F-508DA7CBA768\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5605E90-D125-4CC9-8B9F-F5EED9D4EE0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"761B4382-E857-4868-9F80-189B7F60256B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"51B17801-15FD-4425-BA6C-BE06B14F1BFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9CAFF74-AD36-4D29-83F3-23E0417C485D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B2D2A82-BFFE-45FE-9F79-4AF12C6DE69D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7A81663-047E-4328-BE3A-CF65AB55B29F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"17DAE911-21E1-4182-85A0-B9F0059DDA7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.3:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABEA48EC-24EA-4106-9465-CE66B938635F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.3:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DFB5BD0-E777-4CAA-B2E0-3F3357D06D01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.3:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC8C769C-A23E-4F61-AC42-4DA64421B096\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA25530A-133C-4D7C-8993-D5C42D79A0B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB7B021E-F4AD-44AC-96AB-8ACAF8AB1B88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"69A72B5A-2189-4700-8E8B-1E5E7CA86C40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5771F187-281B-4680-B562-EFC7441A8F88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A4437F5-9DDA-4769-974E-23BFA085E0DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9C3A3D4-C9F4-41EB-B532-821AF83470B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"878A1F0A-087F-47D7-9CA5-A54BB8D6676A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE73CDC3-B5A7-4921-89C6-8F9DC426CB3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"50A5E650-31FB-45BE-8827-641B58A83E45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"038E5B85-7F60-4D71-8D3F-EDBF6E036CE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF309824-D379-4749-A1FA-BCB2987DD671\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"79D770C6-7A57-4A49-8164-C55391F62301\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.1:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA813990-8C8F-4EE8-9F2B-9F73C510A7B2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.0.0\",\"matchCriteriaId\":\"A6A2EBE8-012E-470E-9E56-56ACBE345F78\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4312\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4340\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4389\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4469\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4474\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4479\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4484\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-6387\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2294604\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://santandersecurityresearch.github.io/blog/sshing_the_masses.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.openssh.com/txt/release-9.8\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2024/Jul/18\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://seclists.org/fulldisclosure/2024/Jul/19\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://seclists.org/fulldisclosure/2024/Jul/20\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/01/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/01/13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/02/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/03/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/03/11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/03/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/03/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/03/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/03/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/04/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/04/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/08/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/08/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/09/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/09/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/10/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/10/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/10/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/10/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/10/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/11/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/11/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/23/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/23/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/28/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/28/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4312\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4340\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4389\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4469\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4474\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4479\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4484\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-6387\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2294604\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://explore.alas.aws.amazon.com/CVE-2024-6387.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://forum.vmssoftware.com/viewtopic.php?f=8\u0026t=9132\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/AlmaLinux/updates/issues/629\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/Azure/AKS/issues/4379\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/PowerShell/Win32-OpenSSH/discussions/2248\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/PowerShell/Win32-OpenSSH/issues/2249\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/microsoft/azurelinux/issues/9555\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/oracle/oracle-linux/issues/149\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/rapier1/hpn-ssh/issues/87\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/zgzhang/cve-2024-6387-poc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://news.ycombinator.com/item?id=40843778\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://packetstorm.news/files/id/190587/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://santandersecurityresearch.github.io/blog/sshing_the_masses.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2024-6387\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240701-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://sig-security.rocky.page/issues/CVE-2024-6387/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT214118\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT214119\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT214120\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://ubuntu.com/security/CVE-2024-6387\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://ubuntu.com/security/notices/USN-6859-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/52269\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openssh.com/txt/release-9.8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.suse.com/security/cve/CVE-2024-6387.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.theregister.com/2024/07/01/regresshion_openssh/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-446545.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387\"}, {\"url\": \"https://www.exploit-db.com/exploits/52269\"}, {\"url\": \"https://packetstorm.news/files/id/190587/\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/01/12\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/01/13\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/02/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/03/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/03/11\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/03/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/03/3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/03/4\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/03/5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/04/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/04/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/08/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/08/3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/09/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/09/5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/10/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/10/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/10/3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/10/4\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/10/6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/11/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/11/3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/23/4\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/23/6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/28/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/28/3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4312\", \"name\": \"RHSA-2024:4312\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4340\", \"name\": \"RHSA-2024:4340\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4389\", \"name\": \"RHSA-2024:4389\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4469\", \"name\": \"RHSA-2024:4469\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4474\", \"name\": \"RHSA-2024:4474\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4479\", \"name\": \"RHSA-2024:4479\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4484\", \"name\": \"RHSA-2024:4484\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-6387\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2294604\", \"name\": \"RHBZ#2294604\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://explore.alas.aws.amazon.com/CVE-2024-6387.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://forum.vmssoftware.com/viewtopic.php?f=8\u0026t=9132\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/AlmaLinux/updates/issues/629\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/Azure/AKS/issues/4379\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/discussions/2248\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/issues/2249\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/microsoft/azurelinux/issues/9555\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/oracle/oracle-linux/issues/149\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/rapier1/hpn-ssh/issues/87\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/zgzhang/cve-2024-6387-poc\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=40843778\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://santandersecurityresearch.github.io/blog/sshing_the_masses.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2024-6387\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240701-0001/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://sig-security.rocky.page/issues/CVE-2024-6387/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://ubuntu.com/security/CVE-2024-6387\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://ubuntu.com/security/notices/USN-6859-1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openssh.com/txt/release-9.8\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.suse.com/security/cve/CVE-2024-6387.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.theregister.com/2024/07/01/regresshion_openssh/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT214119\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT214118\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT214120\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Jul/20\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Jul/18\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Jul/19\", \"tags\": [\"x_transferred\"]}], \"x_generator\": {\"engine\": \"ADPogram 0.0.1\"}, \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-04-24T18:35:27.934Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-6387\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-02T13:18:34.695298Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-02T13:18:43.278Z\"}}], \"cna\": {\"title\": \"Openssh: regresshion - race condition in ssh allows rce/dos\", \"credits\": [{\"lang\": \"en\", \"value\": \"Red Hat would like to thank Qualys Threat Research Unit (TRU) (Qualys) for reporting this issue.\"}], \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"repo\": \"https://anongit.mindrot.org/openssh.git\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.5p1\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.7p1\"}], \"packageName\": \"OpenSSH\", \"collectionURL\": \"https://www.openssh.com/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\", \"cpe:/o:redhat:enterprise_linux:9::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.7p1-38.el9_4.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\", \"cpe:/o:redhat:enterprise_linux:9::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.7p1-38.el9_4.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.0::appstream\", \"cpe:/o:redhat:rhel_e4s:9.0::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.7p1-12.el9_0.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus:9.2::baseos\", \"cpe:/a:redhat:rhel_eus:9.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.2 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.7p1-30.el9_2.4\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.13::el9\", \"cpe:/a:redhat:openshift:4.13::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.13\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"413.92.202407091321-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.14::el8\", \"cpe:/a:redhat:openshift:4.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.14\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"414.92.202407091253-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.15::el8\", \"cpe:/a:redhat:openshift:4.15::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.15\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"415.92.202407091355-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.16\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"416.94.202407081958-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:5\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 5\", \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 6\", \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 7\", \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-06-27T00:00:00+00:00\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2024-07-01T08:00:00+00:00\", \"value\": \"Made public.\"}], \"datePublic\": \"2024-07-01T08:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2024:4312\", \"name\": \"RHSA-2024:4312\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4340\", \"name\": \"RHSA-2024:4340\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4389\", \"name\": \"RHSA-2024:4389\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4469\", \"name\": \"RHSA-2024:4469\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4474\", \"name\": \"RHSA-2024:4474\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4479\", \"name\": \"RHSA-2024:4479\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4484\", \"name\": \"RHSA-2024:4484\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-6387\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2294604\", \"name\": \"RHBZ#2294604\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://santandersecurityresearch.github.io/blog/sshing_the_masses.html\"}, {\"url\": \"https://www.openssh.com/txt/release-9.8\"}, {\"url\": \"https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"The below process can protect against a Remote Code Execution attack by disabling the LoginGraceTime parameter on Red Hat Enterprise Linux 9. However, the sshd server is still vulnerable to a Denial of Service if an attacker exhausts all the connections.\\n\\n1) As root user, open the /etc/ssh/sshd_config\\n2) Add or edit the parameter configuration:\\n~~~\\nLoginGraceTime 0\\n~~~\\n3) Save and close the file\\n4) Restart the sshd daemon:\\n~~~\\nsystemctl restart sshd.service\\n~~~\\n\\nSetting LoginGraceTime to 0 disables the SSHD server\u0027s ability to drop connections if authentication is not completed within the specified timeout. If this mitigation is implemented, it is highly recommended to use a tool like \u0027fail2ban\u0027 alongside a firewall to monitor log files and manage connections appropriately.\\n\\nIf any of the mitigations mentioned above is used, please note that the removal of LoginGraceTime parameter from sshd_config is not automatic when the updated package is installed.\"}], \"x_generator\": {\"engine\": \"cvelib 1.8.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-364\", \"description\": \"Signal Handler Race Condition\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2025-12-11T06:17:03.387Z\"}, \"x_redhatCweChain\": \"CWE-364: Signal Handler Race Condition\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-6387\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-11T06:17:03.387Z\", \"dateReserved\": \"2024-06-27T13:41:03.421Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2024-07-01T12:37:25.431Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
VDE-2024-071
Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2024-12-09 11:00 - Updated: 2025-05-22 13:03Summary
Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware
Severity
Critical
Notes
Summary: Multiple Linux component vulnerabilities fixed in latest PLCnext Firmware release 2024.0.6 LTS
Impact: Availability, integrity, or confidentiality of the PLCnext Control might be compromised by attacks using these vulnerabilities.
Remediation: Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer. Check download area for latest Firmware update to be installed on EPC 1502 or EPC 1522.
General Recommendation: Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our [application note](https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf).
A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code. However, only applications that directly call the SSL_free_buffers function are affected by this issue. Applications that do not call this function are not vulnerable. Our investigations indicate that this function is rarely used by applications.
5.6 (Medium)
Vendor Fix
Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — |
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — | ||
| Unresolved product id: CSAFPID-31010 | — |
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
8.1 (High)
Vendor Fix
Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — |
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — | ||
| Unresolved product id: CSAFPID-31010 | — |
OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry could occur.
7.5 (High)
Vendor Fix
Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — |
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — | ||
| Unresolved product id: CSAFPID-31010 | — |
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a '.git/' directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via 'git config --global core.symlinks false'), the described attack won't work. As always, it is best to avoid cloning repositories from untrusted sources.
9 (Critical)
Vendor Fix
Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — |
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — | ||
| Unresolved product id: CSAFPID-31010 | — |
Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform various checks on DSA parameters. Some of those computations take a long time if the modulus ('p' parameter) is too large. Trying to use a very large modulus is slow and OpenSSL will not allow using public keys with a modulus which is over 10,000 bits in length for signature verification. However the key and parameter check functions do not limit the modulus size when performing the checks. An application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. These functions are not called by OpenSSL itself on untrusted DSA keys so only applications that directly call these functions may be vulnerable. Also vulnerable are the OpenSSL pkey and pkeyparam command line applications when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.
5.3 (Medium)
Vendor Fix
Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — |
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — | ||
| Unresolved product id: CSAFPID-31010 | — |
Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation. This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue.
5.9 (Medium)
Vendor Fix
Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — | ||
| Unresolved product id: CSAFPID-31010 | — |
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — |
References
5 references
Acknowledgments
CERT@VDE
certvde.com
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination.",
"urls": [
"https://certvde.com"
]
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Multiple Linux component vulnerabilities fixed in latest PLCnext Firmware release 2024.0.6 LTS",
"title": "Summary"
},
{
"category": "description",
"text": "Availability, integrity, or confidentiality of the PLCnext Control might be compromised by attacks using these vulnerabilities.",
"title": "Impact"
},
{
"category": "description",
"text": "Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer. Check download area for latest Firmware update to be installed on EPC 1502 or EPC 1522.",
"title": "Remediation"
},
{
"category": "general",
"text": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our [application note](https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf).",
"title": "General Recommendation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@phoenixcontact.com",
"name": "Phoenix Contact GmbH \u0026 Co. KG",
"namespace": "https://phoenixcontact.com/psirt"
},
"references": [
{
"category": "external",
"summary": "PCSA-2024/00016",
"url": "https://phoenixcontact.com/psirt"
},
{
"category": "external",
"summary": "Phoenix Contact advisory overview at CERT@VDE",
"url": "https://certvde.com/de/advisories/vendor/phoenixcontact/"
},
{
"category": "external",
"summary": "Phoenix Contact application note",
"url": "https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf"
},
{
"category": "self",
"summary": "VDE-2024-071: Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware - HTML",
"url": "https://certvde.com/en/advisories/VDE-2024-071"
},
{
"category": "self",
"summary": "VDE-2024-071: Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware - CSAF",
"url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2024/vde-2024-071.json"
}
],
"source_lang": "en",
"title": "Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware",
"tracking": {
"aliases": [
"VDE-2024-071",
"PCSA-2024/00016"
],
"current_release_date": "2025-05-22T13:03:10.000Z",
"generator": {
"date": "2024-12-02T16:25:30.228Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.15"
}
},
"id": "VDE-2024-071",
"initial_release_date": "2024-12-09T11:00:00.000Z",
"revision_history": [
{
"date": "2024-12-09T11:00:00.000Z",
"number": "1",
"summary": "Initial"
},
{
"date": "2025-05-22T13:03:10.000Z",
"number": "2",
"summary": "Fix: version space, contact details, quotation mark"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "AXC F 1152",
"product": {
"name": "AXC F 1152",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"model_numbers": [
"1151412"
]
}
}
},
{
"category": "product_name",
"name": "AXC F 2152",
"product": {
"name": "AXC F 2152",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"2404267"
]
}
}
},
{
"category": "product_name",
"name": "AXC F 3152",
"product": {
"name": "AXC F 3152",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"model_numbers": [
"1069208"
]
}
}
},
{
"category": "product_name",
"name": "RFC 4072S",
"product": {
"name": "RFC 4072S",
"product_id": "CSAFPID-11004",
"product_identification_helper": {
"model_numbers": [
"1051328"
]
}
}
},
{
"category": "product_name",
"name": "RFC 4072R",
"product": {
"name": "RFC 4072R",
"product_id": "CSAFPID-11005",
"product_identification_helper": {
"model_numbers": [
"1136419"
]
}
}
},
{
"category": "product_name",
"name": "BPC 9102S",
"product": {
"name": "BPC 9102S",
"product_id": "CSAFPID-11011",
"product_identification_helper": {
"model_numbers": [
"1246285"
]
}
}
},
{
"category": "product_name",
"name": "EPC 1502",
"product": {
"name": "EPC 1502",
"product_id": "CSAFPID-11009",
"product_identification_helper": {
"model_numbers": [
"1185416"
]
}
}
},
{
"category": "product_name",
"name": "EPC 1522",
"product": {
"name": "EPC 1522",
"product_id": "CSAFPID-11010",
"product_identification_helper": {
"model_numbers": [
"1264328"
]
}
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2024.0.6 LTS",
"product": {
"name": "Firmware \u003c2024.0.6 LTS",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version",
"name": "2024.0.6 LTS",
"product": {
"name": "Firmware 2024.0.6 LTS",
"product_id": "CSAFPID-22001"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Phoenix Contact GmbH \u0026 Co. KG"
}
],
"product_groups": [
{
"group_id": "CSAFGID-61001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
],
"summary": "Affected Products."
},
{
"group_id": "CSAFGID-62001",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007",
"CSAFPID-32008"
],
"summary": "Fixed Product."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2024.0.6 LTS installed on AXC F 1152",
"product_id": "CSAFPID-31001",
"product_identification_helper": {
"model_numbers": [
"1151412"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2024.0.6 LTS installed on AXC F 1152",
"product_id": "CSAFPID-32001",
"product_identification_helper": {
"model_numbers": [
"1151412"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2024.0.6 LTS installed on AXC F 2152",
"product_id": "CSAFPID-31002",
"product_identification_helper": {
"model_numbers": [
"2404267"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2024.0.6 LTS installed on AXC F 2152",
"product_id": "CSAFPID-32002",
"product_identification_helper": {
"model_numbers": [
"2404267"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2024.0.6 LTS installed on AXC F 3152",
"product_id": "CSAFPID-31004",
"product_identification_helper": {
"model_numbers": [
"1069208"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2024.0.6 LTS installed on AXC F 3152",
"product_id": "CSAFPID-32004",
"product_identification_helper": {
"model_numbers": [
"1069208"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2024.0.6 LTS installed on RFC 4072S",
"product_id": "CSAFPID-31005",
"product_identification_helper": {
"model_numbers": [
"1051328"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2024.0.6 LTS installed on RFC 4072S",
"product_id": "CSAFPID-32005",
"product_identification_helper": {
"model_numbers": [
"1051328"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2024.0.6 LTS installed on BPC 9102S",
"product_id": "CSAFPID-31007",
"product_identification_helper": {
"model_numbers": [
"1246285"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2024.0.6 LTS installed on BPC 9102S",
"product_id": "CSAFPID-32007",
"product_identification_helper": {
"model_numbers": [
"1246285"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2024.0.6 LTS installed on RFC 4072R",
"product_id": "CSAFPID-31008",
"product_identification_helper": {
"model_numbers": [
"1136419"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2024.0.6 LTS installed on RFC 4072R",
"product_id": "CSAFPID-32008",
"product_identification_helper": {
"model_numbers": [
"1136419"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2024.0.6 LTS installed on EPC 1502",
"product_id": "CSAFPID-31009",
"product_identification_helper": {
"model_numbers": [
"1185416"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2024.0.6 LTS installed on EPC 1522",
"product_id": "CSAFPID-31010",
"product_identification_helper": {
"model_numbers": [
"1264328"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11010"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-4741",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A use after free can have a range of potential consequences such\nas the corruption of valid data, crashes or execution of arbitrary code.\nHowever, only applications that directly call the SSL_free_buffers function are\naffected by this issue. Applications that do not call this function are not\nvulnerable. Our investigations indicate that this function is rarely used by\napplications.",
"title": "Vulnerability Description"
},
{
"audience": "all",
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-4741](https://nvd.nist.gov/vuln/detail/CVE-2024-4741)",
"title": "Details"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007",
"CSAFPID-32008"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"group_ids": [
"CSAFGID-61001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.6,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.6,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
}
],
"title": "CVE-2024-4741"
},
{
"cve": "CVE-2024-6387",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.",
"title": "Vulnerability Description"
},
{
"audience": "all",
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-6387](https://nvd.nist.gov/vuln/detail/CVE-2024-6387)",
"title": "Details"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007",
"CSAFPID-32008"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"group_ids": [
"CSAFGID-61001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
}
],
"title": "CVE-2024-6387"
},
{
"cve": "CVE-2024-39894",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry could occur.",
"title": "Vulnerability Description"
},
{
"audience": "all",
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-39894](https://nvd.nist.gov/vuln/detail/CVE-2024-39894)",
"title": "Details"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007",
"CSAFPID-32008"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"group_ids": [
"CSAFGID-61001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
}
],
"title": "CVE-2024-39894"
},
{
"cve": "CVE-2024-32002",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "Git\u0027s recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution",
"title": "Summary"
},
{
"audience": "all",
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-32002](https://nvd.nist.gov/vuln/detail/CVE-2024-32002)",
"title": "Details"
},
{
"audience": "all",
"category": "description",
"text": "Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule\u0027s worktree but into a \u0027.git/\u0027 directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via \u0027git config --global core.symlinks false\u0027), the described attack won\u0027t work. As always, it is best to avoid cloning repositories from untrusted sources.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007",
"CSAFPID-32008"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"group_ids": [
"CSAFGID-61001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.1,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 9,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
}
],
"title": "CVE-2024-32002"
},
{
"cve": "CVE-2024-4603",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform various checks on DSA parameters. Some of those computations take a long time if the modulus (\u0027p\u0027 parameter) is too large. Trying to use a very large modulus is slow and OpenSSL will not allow using public keys with a modulus which is over 10,000 bits in length for signature verification. However the key and parameter check functions do not limit the modulus size when performing the checks. An application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. These functions are not called by OpenSSL itself on untrusted DSA keys so only applications that directly call these functions may be vulnerable. Also vulnerable are the OpenSSL pkey and pkeyparam command line applications when using the \u0027-check\u0027 option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.\n\n",
"title": "Vulnerability Description"
},
{
"audience": "all",
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-4603](https://nvd.nist.gov/vuln/detail/CVE-2024-4603)",
"title": "Details"
},
{
"audience": "all",
"category": "summary",
"text": "Excessive time spent checking DSA keys and parameters",
"title": "Summary"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007",
"CSAFPID-32008"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"group_ids": [
"CSAFGID-61001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
}
],
"title": "CVE-2024-4603"
},
{
"cve": "CVE-2024-2511",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation. This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue.",
"title": "Vulnerability Description"
},
{
"audience": "all",
"category": "details",
"text": "[https://www.suse.com/security/cve/CVE-2024-2511.html](https://www.suse.com/security/cve/CVE-2024-2511.html)",
"title": "Details"
},
{
"audience": "all",
"category": "summary",
"text": "Unbounded memory growth with session handling in TLSv1.3",
"title": "Summary"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007",
"CSAFPID-32008"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"group_ids": [
"CSAFGID-61001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
}
],
"title": "CVE-2024-2511"
}
]
}
WID-SEC-W-2024-1486
Vulnerability from csaf_certbund - Published: 2024-06-30 22:00 - Updated: 2026-02-12 23:00Summary
OpenSSH: Schwachstelle ermöglicht Codeausführung
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: OpenSSH ist eine Open Source Implementierung des Secure Shell Protokolls.
Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in OpenSSH ausnutzen, um beliebigen Programmcode mit root Rechten auszuführen.
Betroffene Betriebssysteme: - Appliance
- CISCO Appliance
- Hardware Appliance
- Linux
- Sonstiges
- UNIX
Affected products
Known affected
115 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco Aironet Access Point 802.11ac Wave2
Cisco / Aironet Access Point
|
cpe:/o:cisco:aironet_access_point_software:802.11ac_wave2
|
802.11ac Wave2 | |
|
Cisco Wireless Access Point 6300 Series Embedded
Cisco / Wireless Access Point
|
cpe:/h:cisco:wap:6300_series_embedded
|
6300 Series Embedded | |
|
Cisco Smart Software Manager On-Prem
Cisco
|
cpe:/a:cisco:smart_software_manager:-
|
— | |
|
Cisco FXOS Firepower Chassis Manager
Cisco / FXOS
|
cpe:/o:cisco:fxos:firepower_chassis_manager
|
Firepower Chassis Manager | |
|
Cisco Catalyst IW9165 Rugged Series
Cisco / Catalyst
|
cpe:/h:cisco:catalyst:iw9165_rugged_series
|
IW9165 Rugged Series | |
|
Cisco Catalyst IW9165 Heavy Duty Series
Cisco / Catalyst
|
cpe:/h:cisco:catalyst:iw9165_heavy_duty_series
|
IW9165 Heavy Duty Series | |
|
Cisco Catalyst IW6300 Heavy Duty Series Access Points
Cisco / Catalyst
|
cpe:/h:cisco:catalyst:iw6300_heavy_duty_series_access_points
|
IW6300 Heavy Duty Series Access Points | |
|
Cisco Nexus Dashboard
Cisco
|
cpe:/a:cisco:nexus_dashboard:-
|
— | |
|
IGEL OS <11.10.150
IGEL / OS
|
<11.10.150 | ||
|
Dell Avamar Gen5a <Hotfix 338868
Dell / Avamar
|
Gen5a <Hotfix 338868 | ||
|
IGEL OS <12.4.2
IGEL / OS
|
<12.4.2 | ||
|
Alcatel Lucent Enterprise Desk Phone
Alcatel Lucent Enterprise
|
cpe:/h:alcatel-lucent:deskphone:-
|
— | |
|
IBM AIX 3.1
IBM / AIX
|
cpe:/o:ibm:aix:3.1
|
3.1 | |
|
IBM AIX 7.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3
|
7.3 | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM AIX 4.1
IBM / AIX
|
cpe:/o:ibm:aix:4.1
|
4.1 | |
|
Cisco Prime Infrastructure
Cisco
|
cpe:/a:cisco:prime_infrastructure:-
|
— | |
|
IBM Security Guardium 12.0
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:12.0
|
12 | |
|
Cisco Firepower Threat Defense
Cisco / Firepower
|
cpe:/a:cisco:firepower:threat_defense
|
Threat Defense | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Siemens SIMATIC S7 1500 CPU
Siemens / SIMATIC S7
|
cpe:/h:siemens:simatic_s7:1500_cpu
|
1500 CPU | |
|
Moxa Router
Moxa / Router
|
cpe:/h:moxa:router:-
|
— | |
|
Cisco IP Phone 9841
Cisco / IP Phone
|
cpe:/h:cisco:ip_phone:9841
|
9841 | |
|
Huawei iMaster NCE FabricInsight
Huawei
|
cpe:/a:huawei:imaster_nce_fabricinsight:-
|
— | |
|
Cisco Nexus 3000
Cisco / Nexus
|
cpe:/h:cisco:nexus:3000
|
3000 | |
|
Cisco Nexus 9000
Cisco / Nexus
|
cpe:/h:cisco:nexus:9000
|
9000 | |
|
Cisco IP Phone 9851
Cisco / IP Phone
|
cpe:/h:cisco:ip_phone:9851
|
9851 | |
|
Phoenix Contact FL MGUARD <8.9.3
Phoenix Contact / FL MGUARD
|
<8.9.3 | ||
|
Phoenix Contact FL MGUARD <10.4.1
Phoenix Contact / FL MGUARD
|
<10.4.1 | ||
|
Huawei Router
Huawei
|
cpe:/h:huawei:router:-
|
— | |
|
Meinberg LANTIME <V7.08.014
Meinberg / LANTIME
|
<V7.08.014 | ||
|
IBM DB2 Cloud Pak
IBM / DB2
|
cpe:/a:ibm:db2:cloud_pak
|
Cloud Pak | |
|
Cisco Catalyst IW9167 Heavy Duty Series
Cisco / Catalyst
|
cpe:/h:cisco:catalyst:iw9167_heavy_duty_series
|
IW9167 Heavy Duty Series | |
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
Cisco Catalyst 9100 Series Access Points
Cisco / Catalyst
|
cpe:/h:cisco:catalyst:9100_series_access_points
|
9100 Series Access Points | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Cisco Router ASR 5000
Cisco / Router
|
cpe:/h:cisco:router:asr_5000
|
ASR 5000 | |
|
Fortinet FortiAuthenticator
Fortinet
|
cpe:/a:fortinet:fortiauthenticator:-
|
— | |
|
Cisco ASA (Adaptive Security Appliance)
Cisco
|
cpe:/h:cisco:adaptive_security_appliance:-
|
— | |
|
Securepoint UTM <12.7.2
Securepoint / UTM
|
<12.7.2 | ||
|
Fortinet FortiMail
Fortinet
|
cpe:/a:fortinet:fortimail:-
|
— | |
|
Juniper JUNOS <24.4R1-EVO
Juniper / JUNOS
|
<24.4R1-EVO | ||
|
Juniper JUNOS <24.2R1-S2-EVO
Juniper / JUNOS
|
<24.2R1-S2-EVO | ||
|
Juniper JUNOS <24.4R1
Juniper / JUNOS
|
<24.4R1 | ||
|
Cisco Secure Email Gateway
Cisco
|
cpe:/h:cisco:secure_email_gateway:-
|
— | |
|
NetApp AFF Baseboard Management Controller
NetApp / AFF
|
cpe:/h:netapp:aff:::baseboard_management_controller
|
Baseboard Management Controller | |
|
Juniper JUNOS <24.2R2-EVO
Juniper / JUNOS
|
<24.2R2-EVO | ||
|
Aruba ArubaOS CX Switches
Aruba / ArubaOS
|
cpe:/o:arubanetworks:arubaos:cx_switches
|
CX Switches | |
|
OTRS OTRS SaaS platform <2024-07
OTRS / OTRS
|
SaaS platform <2024-07 | ||
|
Fortinet FortiVoice
Fortinet
|
cpe:/a:fortinet:fortivoice:-
|
— | |
|
Fortinet FortiWeb
Fortinet
|
cpe:/a:fortinet:fortiweb:-
|
— | |
|
Arista EOS
Arista
|
cpe:/o:arista:arista_eos:-
|
— | |
|
Aruba EdgeConnect SD-WAN Orchestrator
Aruba / EdgeConnect
|
cpe:/a:aruba:edgeconnect:sd-wan_orchestrator
|
SD-WAN Orchestrator | |
|
QNAP NAS
QNAP / NAS
|
cpe:/h:qnap:nas:-
|
— | |
|
Cisco Catalyst 9800 Series Wireless Controllers
Cisco / Catalyst
|
cpe:/h:cisco:catalyst:9800_series_wireless_controllers
|
9800 Series Wireless Controllers | |
|
Alcatel Lucent Enterprise AOS
Alcatel Lucent Enterprise
|
cpe:/o:alcatel:aos:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Cisco Application Policy Infrastructure Controller
Cisco
|
cpe:/a:cisco:application_policy_infrastructure_controller:-
|
— | |
|
Cisco Unified Contact Center Express (UCCX)
Cisco
|
cpe:/a:cisco:unified_contact_center_express:-
|
— | |
|
Juniper JUNOS <24.2R1-S2
Juniper / JUNOS
|
<24.2R1-S2 | ||
|
Aruba Switch CX
Aruba / Switch
|
cpe:/h:arubanetworks:switch:aos-cx
|
CX | |
|
QNAP NAS QES 2.2.0
QNAP / NAS
|
cpe:/h:qnap:nas:qes_2.2.0
|
QES 2.2.0 | |
|
Cisco Emergency Responder
Cisco
|
cpe:/a:cisco:emergency_responder:-
|
— | |
|
WatchGuard Firebox
WatchGuard / Firebox
|
cpe:/a:watchguard:firebox:-
|
— | |
|
Cisco Evolved Programmable Network Manager
Cisco
|
cpe:/a:cisco:evolved_programmable_network_manager:-
|
— | |
|
Cisco Firepower Management Center
Cisco / Firepower
|
cpe:/a:cisco:firepower:management_center
|
Management Center | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco Unified Communications Manager (CUCM)
Cisco
|
cpe:/a:cisco:unified_communications_manager:-
|
— | |
|
Cisco TelePresence Video Communication Server
Cisco / TelePresence
|
cpe:/h:cisco:telepresence:video_communication_server
|
Video Communication Server | |
|
Fortinet FortiManager
Fortinet
|
cpe:/a:fortinet:fortimanager:-
|
— | |
|
Cisco Unity Connection
Cisco
|
cpe:/a:cisco:unity_connection:-
|
— | |
|
Cisco Aironet Access Point 1540
Cisco / Aironet Access Point
|
cpe:/o:cisco:aironet_access_point_software:1540_series
|
1540 | |
|
WatchGuard Firebox <12.10.4 Update 1
WatchGuard / Firebox
|
<12.10.4 Update 1 | ||
|
Open Source OpenSSH <9.8p1
Open Source / OpenSSH
|
<9.8p1 | ||
|
Dell PowerScale OneFS
Dell
|
cpe:/a:dell:powerscale_onefs:onefs
|
— | |
|
IBM AIX 7.2
IBM / AIX
|
cpe:/o:ibm:aix:7.2
|
7.2 | |
|
Dell integrated Dell Remote Access Controller <7.00.00.173
Dell / integrated Dell Remote Access Controller
|
<7.00.00.173 | ||
|
Dell integrated Dell Remote Access Controller <7.10.50.10
Dell / integrated Dell Remote Access Controller
|
<7.10.50.10 | ||
|
Cisco Secure Web Appliance
Cisco
|
cpe:/h:cisco:secure_web_appliance:-
|
— | |
|
NetApp Data ONTAP 9
NetApp / Data ONTAP
|
cpe:/a:netapp:data_ontap:9
|
9 | |
|
Alcatel Lucent Enterprise OmniSwitch
Alcatel Lucent Enterprise
|
cpe:/h:alcatel-lucent:omniswitch:-
|
— | |
|
Fortinet FortiAnalyzer
Fortinet
|
cpe:/a:fortinet:fortianalyzer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Cisco IOS XE
Cisco
|
cpe:/o:cisco:ios_xe:-
|
— | |
|
Cisco Aironet Access Point 1560
Cisco / Aironet Access Point
|
cpe:/o:cisco:aironet_access_point_software:1560_series
|
1560 | |
|
NetBSD Foundation NetBSD OS
NetBSD Foundation
|
cpe:/o:netbsd:netbsd:-
|
— | |
|
Huawei OceanStor
Huawei
|
cpe:/h:huawei:oceanstor_uds:-
|
— | |
|
NetApp ActiveIQ Unified Manager for VMware vSphere
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:for_vmware_vsphere
|
for VMware vSphere | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Huawei AC6805
Huawei
|
cpe:/h:huawei:ac6805_firmware:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Huawei AirEngine
Huawei
|
cpe:/h:huawei:airengine:-
|
— | |
|
Moxa Router EDR-G9010 <3.12
Moxa / Router
|
EDR-G9010 <3.12 | ||
|
Juniper JUNOS <24.2R2
Juniper / JUNOS
|
<24.2R2 | ||
|
Moxa Router OnCell G4302-LTE4 <3.12
Moxa / Router
|
OnCell G4302-LTE4 <3.12 | ||
|
Moxa Router EDR-8010 <3.12
Moxa / Router
|
EDR-8010 <3.12 | ||
|
Cisco Identity Services Engine (ISE)
Cisco
|
cpe:/a:cisco:identity_services_engine_software:-
|
— | |
|
Cisco Meeting Server
Cisco
|
cpe:/a:cisco:meeting_server:-
|
— | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
HAProxy HAProxy <2024-07-04
HAProxy / HAProxy
|
<2024-07-04 | ||
|
HAProxy ALOHA <14.5.23
HAProxy / ALOHA
|
<14.5.23 | ||
|
HAProxy ALOHA <15.5.12
HAProxy / ALOHA
|
<15.5.12 | ||
|
HAProxy ALOHA <16.0.2
HAProxy / ALOHA
|
<16.0.2 | ||
|
Securepoint UTM <12.6.5.1
Securepoint / UTM
|
<12.6.5.1 | ||
|
Cisco Expressway
Cisco
|
cpe:/a:cisco:expressway_software:-
|
— | |
|
Huawei iMaster NCE Fabric
Huawei
|
cpe:/a:huawei:imaster_nce-fabric:-
|
— | |
|
Huawei NetEngine
Huawei
|
cpe:/h:huawei:netengine:-
|
— | |
|
Huawei CloudEngine
Huawei
|
cpe:/h:huawei:cloudengine:-
|
— | |
|
Huawei FusionServer Pro
Huawei
|
cpe:/h:huawei:fusionserver_pro:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Huawei iMaster NCE-Campus
Huawei
|
cpe:/a:huawei:imaster_nce-campus:-
|
— | |
|
Huawei iMaster NCE-CampusInsight
Huawei
|
cpe:/a:huawei:imaster_nce-campusinsight:-
|
— | |
|
HPE HP-UX sshd <A.09.30.007
HPE / HP-UX
|
sshd <A.09.30.007 | ||
|
NetApp FAS Baseboard Management Controller
NetApp / FAS
|
cpe:/h:netapp:fas:baseboard_management_controller
|
Baseboard Management Controller | |
|
IBM Security Guardium 12.1
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:12.1
|
12.1 |
References
57 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "OpenSSH ist eine Open Source Implementierung des Secure Shell Protokolls.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in OpenSSH ausnutzen, um beliebigen Programmcode mit root Rechten auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Appliance\n- CISCO Appliance\n- Hardware Appliance\n- Linux\n- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1486 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1486.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1486 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1486"
},
{
"category": "external",
"summary": "Qualys Blog vom 2024-06-30",
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FREEBSD-SA-24:04.OPENSSH vom 2024-07-01",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-24:04.openssh.asc"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5724 vom 2024-07-01",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00135.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12468 vom 2024-07-01",
"url": "https://linux.oracle.com/errata/ELSA-2024-12468.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-649 vom 2024-07-02",
"url": "https://alas.aws.amazon.com/AL2023/ALAS-2024-649.html"
},
{
"category": "external",
"summary": "WatchGuard Security Advisory WGSA-2024-00012 vom 2024-07-01",
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00012"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-213F33544E vom 2024-07-02",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-213f33544e"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-DC89A2E1BF vom 2024-07-02",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-dc89a2e1bf"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2275-1 vom 2024-07-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018851.html"
},
{
"category": "external",
"summary": "QNAP Security Advisory QSA-24-31 vom 2024-07-02",
"url": "https://www.qnap.com/de-de/security-advisory/QSA-24-31"
},
{
"category": "external",
"summary": "NetBSD Security Advisory NETBSD-SA2024-002 vom 2024-07-02",
"url": "https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc"
},
{
"category": "external",
"summary": "IGEL Product Security Information vom 2024-07-03",
"url": "https://kb.igel.com/securitysafety/en/isn-2024-17-openssh-vulnerability-131268877.html"
},
{
"category": "external",
"summary": "Veriti Blog vom 2024-07-03",
"url": "https://veriti.ai/blog/regresshion-cve-2024-6387-a-targeted-exploit-in-the-wild/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4312 vom 2024-07-03",
"url": "https://access.redhat.com/errata/RHSA-2024:4312"
},
{
"category": "external",
"summary": "Securepoint UTM Changelog vom 2024-07-03",
"url": "https://wiki.securepoint.de/UTM/Changelog"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2275-2 vom 2024-07-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018867.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-4312 vom 2024-07-04",
"url": "https://linux.oracle.com/errata/ELSA-2024-4312.html"
},
{
"category": "external",
"summary": "Cisco Security Advisory CISCO-SA-OPENSSH-RCE-2024 vom 2024-07-05",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssh-rce-2024"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4340 vom 2024-07-05",
"url": "https://access.redhat.com/errata/RHSA-2024:4340"
},
{
"category": "external",
"summary": "Arista Security Advisory vom 2024-07-08",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4389 vom 2024-07-08",
"url": "https://access.redhat.com/errata/RHSA-2024:4389"
},
{
"category": "external",
"summary": "HAProxy Security Update",
"url": "https://www.haproxy.com/blog/cve-2024-6387"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7159920 vom 2024-07-10",
"url": "https://www.ibm.com/support/pages/node/7159920"
},
{
"category": "external",
"summary": "OTRS Security Advisory OSA-2024-08 vom 2024-07-15",
"url": "https://otrs.com/release-notes/otrs-security-advisory-2024-08/"
},
{
"category": "external",
"summary": "HPE Security Bulletin hpesbnw04669 vom 2024-07-10",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04669en_us\u0026docLocale=en_US"
},
{
"category": "external",
"summary": "ALE Security Advisory",
"url": "https://www.al-enterprise.com/-/media/assets/internet/documents/n-to-s/sa-a0010-ed02.pdf"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4479 vom 2024-07-17",
"url": "https://access.redhat.com/errata/RHSA-2024:4479"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4469 vom 2024-07-17",
"url": "https://access.redhat.com/errata/RHSA-2024:4469"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4484 vom 2024-07-17",
"url": "https://access.redhat.com/errata/RHSA-2024:4484"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4631 vom 2024-07-18",
"url": "https://access.redhat.com/errata/RHSA-2024:4631"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4474 vom 2024-07-19",
"url": "https://access.redhat.com/errata/RHSA-2024:4474"
},
{
"category": "external",
"summary": "Meinberg Security Advisory vom 2024-07-22",
"url": "https://www.meinberg.de/german/news/meinberg-security-advisory-mbgsa-2024-04-lantime-firmware-v7-08-014.htm"
},
{
"category": "external",
"summary": "Huawei Security Advisory HWPSIRT-2024-56267 huawei-sa-ORCEViSHP-90459233 vom 2024-07-22 vom 2024-07-24",
"url": "https://securitybulletin.huawei.com/enterprise/en/security-advisory"
},
{
"category": "external",
"summary": "WatchGuard Fireware Advisory vom 2024-07-26",
"url": "https://www.watchguard.com/wgrd-blog/watchguard-fireware-v12104-update-1-available-now"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6942-1 vom 2024-08-01",
"url": "https://ubuntu.com/security/notices/USN-6942-1"
},
{
"category": "external",
"summary": "Moxa Security Advisory MPSA-246387 vom 2024-08-02",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-246387-multiple-moxa-product-series-affected-by-cve-2024-6387"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FREEBSD-SA-24:08.OPENSSH vom 2024-08-07",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-24:08.openssh.asc"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7163719 vom 2024-08-07",
"url": "https://www.ibm.com/support/pages/node/7163719"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6960-1 vom 2024-08-14",
"url": "https://ubuntu.com/security/notices/USN-6960-1"
},
{
"category": "external",
"summary": "Securepoint UTM Changelog vom 2024-08-14",
"url": "https://wiki.securepoint.de/UTM/Changelog"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-342 vom 2024-08-14",
"url": "https://www.dell.com/support/kbdoc/de-de/000227795/dsa-2024-342-security-update-for-dell-idrac9-openssh-vulnerability"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6859-1",
"url": "https://ubuntu.com/security/notices/USN-6859-1"
},
{
"category": "external",
"summary": "DELL Security Update for Dell PowerScale OneFS",
"url": "https://www.dell.com/support/kbdoc/en-us/000228207/dsa-2024-346-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities"
},
{
"category": "external",
"summary": "Phoenix Contact Security Advisory VDE-2024-051 vom 2024-09-04",
"url": "https://dam-mdc.phoenixcontact.com/asset/156443151564/b9ce1d5716385f4b9cd6a9c91a9e2c8a/Security_Advisory_FL_MGUARD_VDE_2024_051.pdf"
},
{
"category": "external",
"summary": "FortiGuard Labs PSIRT Advisory FG-IR-24-258 vom 2024-09-11",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-258"
},
{
"category": "external",
"summary": "HPE Security Bulletin vom 2024-10-28",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbux04725en_us\u0026docLocale=en_US"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA92873 vom 2024-01-09",
"url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-OpenSSH"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7183378 vom 2025-02-14",
"url": "https://www.ibm.com/support/pages/node/7183378"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7183471 vom 2025-02-26",
"url": "https://www.ibm.com/support/pages/node/7183471"
},
{
"category": "external",
"summary": "Moxa Security Advisory MPSA-251431 vom 2025-04-02",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-259491-cve-2025-0676-command-injection-leading-to-privilege-escalation"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-167 vom 2025-04-07",
"url": "https://www.dell.com/support/kbdoc/de-de/000304933/dsa-2025-167-security-update-for-dell-avamar-data-store-gen5a-multiple-third-party-component-vulnerabilities"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20009-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021369.html"
},
{
"category": "external",
"summary": "QNAP Security Advisory QSA-25-13 vom 2025-06-06",
"url": "https://www.qnap.com/de-de/security-advisory/QSA-25-13"
},
{
"category": "external",
"summary": "Siemens Security Advisory SSA-082556 vom 2025-06-10",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20240701-0001 vom 2026-02-13",
"url": "https://security.netapp.com/advisory/NTAP-20240701-0001"
}
],
"source_lang": "en-US",
"title": "OpenSSH: Schwachstelle erm\u00f6glicht Codeausf\u00fchrung",
"tracking": {
"current_release_date": "2026-02-12T23:00:00.000+00:00",
"generator": {
"date": "2026-02-13T12:17:46.113+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2024-1486",
"initial_release_date": "2024-06-30T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-06-30T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-07-01T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Oracle Linux, Amazon, WatchGuard und Fedora aufgenommen"
},
{
"date": "2024-07-02T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE, QNAP und NetBSD aufgenommen"
},
{
"date": "2024-07-03T22:00:00.000+00:00",
"number": "4",
"summary": "Schwachstelle wird in gezielten Angriffen ausgenutzt"
},
{
"date": "2024-07-04T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-07-07T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Cisco und Red Hat aufgenommen"
},
{
"date": "2024-07-08T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Cisco Produkte aufgenommen"
},
{
"date": "2024-07-09T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-07-10T22:00:00.000+00:00",
"number": "9",
"summary": "Weitere Produkte von Cisco aufgenommen"
},
{
"date": "2024-07-11T22:00:00.000+00:00",
"number": "10",
"summary": "Weitere Produkte von Cisco aufgenommen"
},
{
"date": "2024-07-14T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von OTRS aufgenommen"
},
{
"date": "2024-07-15T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-07-16T22:00:00.000+00:00",
"number": "13",
"summary": "Weitere Produkte von Cisco aufgenommen"
},
{
"date": "2024-07-18T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-21T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Cisco"
},
{
"date": "2024-07-23T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Meinberg aufgenommen"
},
{
"date": "2024-07-24T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Huawei aufgenommen"
},
{
"date": "2024-07-25T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-08-01T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-08-07T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von FreeBSD und IBM aufgenommen"
},
{
"date": "2024-08-14T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Ubuntu und Dell aufgenommen"
},
{
"date": "2024-08-22T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-09-01T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-09-09T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von VDE aufgenommen"
},
{
"date": "2024-09-11T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Fortinet aufgenommen"
},
{
"date": "2024-10-28T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2025-01-08T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Juniper aufgenommen"
},
{
"date": "2025-02-16T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-02-26T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-04-01T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von moxa aufgenommen"
},
{
"date": "2025-04-07T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-06-04T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-09T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von QNAP aufgenommen"
},
{
"date": "2025-06-10T22:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von Siemens aufgenommen"
},
{
"date": "2026-02-12T23:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von NetApp aufgenommen"
}
],
"status": "final",
"version": "35"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Alcatel Lucent Enterprise AOS",
"product": {
"name": "Alcatel Lucent Enterprise AOS",
"product_id": "422",
"product_identification_helper": {
"cpe": "cpe:/o:alcatel:aos:-"
}
}
},
{
"category": "product_name",
"name": "Alcatel Lucent Enterprise Desk Phone",
"product": {
"name": "Alcatel Lucent Enterprise Desk Phone",
"product_id": "T036148",
"product_identification_helper": {
"cpe": "cpe:/h:alcatel-lucent:deskphone:-"
}
}
},
{
"category": "product_name",
"name": "Alcatel Lucent Enterprise OmniSwitch",
"product": {
"name": "Alcatel Lucent Enterprise OmniSwitch",
"product_id": "T017286",
"product_identification_helper": {
"cpe": "cpe:/h:alcatel-lucent:omniswitch:-"
}
}
}
],
"category": "vendor",
"name": "Alcatel Lucent Enterprise"
},
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Arista EOS",
"product": {
"name": "Arista EOS",
"product_id": "T007958",
"product_identification_helper": {
"cpe": "cpe:/o:arista:arista_eos:-"
}
}
}
],
"category": "vendor",
"name": "Arista"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "CX Switches",
"product": {
"name": "Aruba ArubaOS CX Switches",
"product_id": "T036139",
"product_identification_helper": {
"cpe": "cpe:/o:arubanetworks:arubaos:cx_switches"
}
}
}
],
"category": "product_name",
"name": "ArubaOS"
},
{
"branches": [
{
"category": "product_version",
"name": "SD-WAN Orchestrator",
"product": {
"name": "Aruba EdgeConnect SD-WAN Orchestrator",
"product_id": "T036138",
"product_identification_helper": {
"cpe": "cpe:/a:aruba:edgeconnect:sd-wan_orchestrator"
}
}
}
],
"category": "product_name",
"name": "EdgeConnect"
},
{
"branches": [
{
"category": "product_version",
"name": "CX",
"product": {
"name": "Aruba Switch CX",
"product_id": "T024430",
"product_identification_helper": {
"cpe": "cpe:/h:arubanetworks:switch:aos-cx"
}
}
}
],
"category": "product_name",
"name": "Switch"
}
],
"category": "vendor",
"name": "Aruba"
},
{
"branches": [
{
"category": "product_name",
"name": "Cisco ASA (Adaptive Security Appliance)",
"product": {
"name": "Cisco ASA (Adaptive Security Appliance)",
"product_id": "T035033",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:adaptive_security_appliance:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "1540",
"product": {
"name": "Cisco Aironet Access Point 1540",
"product_id": "T016298",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:aironet_access_point_software:1540_series"
}
}
},
{
"category": "product_version",
"name": "1560",
"product": {
"name": "Cisco Aironet Access Point 1560",
"product_id": "T020457",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:aironet_access_point_software:1560_series"
}
}
},
{
"category": "product_version",
"name": "802.11ac Wave2",
"product": {
"name": "Cisco Aironet Access Point 802.11ac Wave2",
"product_id": "T035856",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:aironet_access_point_software:802.11ac_wave2"
}
}
}
],
"category": "product_name",
"name": "Aironet Access Point"
},
{
"category": "product_name",
"name": "Cisco Application Policy Infrastructure Controller",
"product": {
"name": "Cisco Application Policy Infrastructure Controller",
"product_id": "778219",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:application_policy_infrastructure_controller:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "9800 Series Wireless Controllers",
"product": {
"name": "Cisco Catalyst 9800 Series Wireless Controllers",
"product_id": "T017342",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:catalyst:9800_series_wireless_controllers"
}
}
},
{
"category": "product_version",
"name": "9100 Series Access Points",
"product": {
"name": "Cisco Catalyst 9100 Series Access Points",
"product_id": "T024739",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:catalyst:9100_series_access_points"
}
}
},
{
"category": "product_version",
"name": "IW6300 Heavy Duty Series Access Points",
"product": {
"name": "Cisco Catalyst IW6300 Heavy Duty Series Access Points",
"product_id": "T035857",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:catalyst:iw6300_heavy_duty_series_access_points"
}
}
},
{
"category": "product_version",
"name": "IW9165 Heavy Duty Series",
"product": {
"name": "Cisco Catalyst IW9165 Heavy Duty Series",
"product_id": "T035858",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:catalyst:iw9165_heavy_duty_series"
}
}
},
{
"category": "product_version",
"name": "IW9165 Rugged Series",
"product": {
"name": "Cisco Catalyst IW9165 Rugged Series",
"product_id": "T035859",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:catalyst:iw9165_rugged_series"
}
}
},
{
"category": "product_version",
"name": "IW9167 Heavy Duty Series",
"product": {
"name": "Cisco Catalyst IW9167 Heavy Duty Series",
"product_id": "T035860",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:catalyst:iw9167_heavy_duty_series"
}
}
}
],
"category": "product_name",
"name": "Catalyst"
},
{
"category": "product_name",
"name": "Cisco Emergency Responder",
"product": {
"name": "Cisco Emergency Responder",
"product_id": "T030244",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:emergency_responder:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Evolved Programmable Network Manager",
"product": {
"name": "Cisco Evolved Programmable Network Manager",
"product_id": "T035899",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:evolved_programmable_network_manager:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Expressway",
"product": {
"name": "Cisco Expressway",
"product_id": "T014329",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:expressway_software:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Firepower Chassis Manager",
"product": {
"name": "Cisco FXOS Firepower Chassis Manager",
"product_id": "T035853",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:fxos:firepower_chassis_manager"
}
}
}
],
"category": "product_name",
"name": "FXOS"
},
{
"branches": [
{
"category": "product_version",
"name": "Management Center",
"product": {
"name": "Cisco Firepower Management Center",
"product_id": "T016458",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:firepower:management_center"
}
}
},
{
"category": "product_version",
"name": "Threat Defense",
"product": {
"name": "Cisco Firepower Threat Defense",
"product_id": "T029736",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:firepower:threat_defense"
}
}
}
],
"category": "product_name",
"name": "Firepower"
},
{
"category": "product_name",
"name": "Cisco IOS XE",
"product": {
"name": "Cisco IOS XE",
"product_id": "203396",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:ios_xe:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "9841",
"product": {
"name": "Cisco IP Phone 9841",
"product_id": "T035900",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:ip_phone:9841"
}
}
},
{
"category": "product_version",
"name": "9851",
"product": {
"name": "Cisco IP Phone 9851",
"product_id": "T035901",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:ip_phone:9851"
}
}
}
],
"category": "product_name",
"name": "IP Phone"
},
{
"category": "product_name",
"name": "Cisco Identity Services Engine (ISE)",
"product": {
"name": "Cisco Identity Services Engine (ISE)",
"product_id": "T000612",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:identity_services_engine_software:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Meeting Server",
"product": {
"name": "Cisco Meeting Server",
"product_id": "T018748",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:meeting_server:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "3000",
"product": {
"name": "Cisco Nexus 3000",
"product_id": "T003851",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus:3000"
}
}
},
{
"category": "product_version",
"name": "9000",
"product": {
"name": "Cisco Nexus 9000",
"product_id": "T003853",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus:9000"
}
}
}
],
"category": "product_name",
"name": "Nexus"
},
{
"category": "product_name",
"name": "Cisco Nexus Dashboard",
"product": {
"name": "Cisco Nexus Dashboard",
"product_id": "1202977",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:nexus_dashboard:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Prime Infrastructure",
"product": {
"name": "Cisco Prime Infrastructure",
"product_id": "T000756",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:prime_infrastructure:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "ASR 5000",
"product": {
"name": "Cisco Router ASR 5000",
"product_id": "T004611",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:router:asr_5000"
}
}
}
],
"category": "product_name",
"name": "Router"
},
{
"category": "product_name",
"name": "Cisco Secure Email Gateway",
"product": {
"name": "Cisco Secure Email Gateway",
"product_id": "1269011",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:secure_email_gateway:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Secure Web Appliance",
"product": {
"name": "Cisco Secure Web Appliance",
"product_id": "T034850",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:secure_web_appliance:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Smart Software Manager On-Prem",
"product": {
"name": "Cisco Smart Software Manager On-Prem",
"product_id": "T035854",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:smart_software_manager:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Video Communication Server",
"product": {
"name": "Cisco TelePresence Video Communication Server",
"product_id": "T018121",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:telepresence:video_communication_server"
}
}
}
],
"category": "product_name",
"name": "TelePresence"
},
{
"category": "product_name",
"name": "Cisco Unified Communications Manager (CUCM)",
"product": {
"name": "Cisco Unified Communications Manager (CUCM)",
"product_id": "T030240",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:unified_communications_manager:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Unified Contact Center Express (UCCX)",
"product": {
"name": "Cisco Unified Contact Center Express (UCCX)",
"product_id": "915286",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:unified_contact_center_express:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Unity Connection",
"product": {
"name": "Cisco Unity Connection",
"product_id": "T030242",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:unity_connection:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "6300 Series Embedded",
"product": {
"name": "Cisco Wireless Access Point 6300 Series Embedded",
"product_id": "T035855",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:wap:6300_series_embedded"
}
}
}
],
"category": "product_name",
"name": "Wireless Access Point"
}
],
"category": "vendor",
"name": "Cisco"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Gen5a \u003cHotfix 338868",
"product": {
"name": "Dell Avamar Gen5a \u003cHotfix 338868",
"product_id": "T042429"
}
},
{
"category": "product_version",
"name": "Gen5a Hotfix 338868",
"product": {
"name": "Dell Avamar Gen5a Hotfix 338868",
"product_id": "T042429-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:avamar:gen5a__hotfix_338868"
}
}
}
],
"category": "product_name",
"name": "Avamar"
},
{
"category": "product_name",
"name": "Dell PowerScale OneFS",
"product": {
"name": "Dell PowerScale OneFS",
"product_id": "T034610",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerscale_onefs:onefs"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.00.00.173",
"product": {
"name": "Dell integrated Dell Remote Access Controller \u003c7.00.00.173",
"product_id": "T036911"
}
},
{
"category": "product_version",
"name": "7.00.00.173",
"product": {
"name": "Dell integrated Dell Remote Access Controller 7.00.00.173",
"product_id": "T036911-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:dell:idrac:7.00.00.173"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.10.50.10",
"product": {
"name": "Dell integrated Dell Remote Access Controller \u003c7.10.50.10",
"product_id": "T036912"
}
},
{
"category": "product_version",
"name": "7.10.50.10",
"product": {
"name": "Dell integrated Dell Remote Access Controller 7.10.50.10",
"product_id": "T036912-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:dell:idrac:7.10.50.10"
}
}
}
],
"category": "product_name",
"name": "integrated Dell Remote Access Controller"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "Fortinet FortiAnalyzer",
"product": {
"name": "Fortinet FortiAnalyzer",
"product_id": "T022516",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:fortianalyzer:-"
}
}
},
{
"category": "product_name",
"name": "Fortinet FortiAuthenticator",
"product": {
"name": "Fortinet FortiAuthenticator",
"product_id": "1002224",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:fortiauthenticator:-"
}
}
},
{
"category": "product_name",
"name": "Fortinet FortiMail",
"product": {
"name": "Fortinet FortiMail",
"product_id": "T022518",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:fortimail:-"
}
}
},
{
"category": "product_name",
"name": "Fortinet FortiManager",
"product": {
"name": "Fortinet FortiManager",
"product_id": "T003827",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:fortimanager:-"
}
}
},
{
"category": "product_name",
"name": "Fortinet FortiVoice",
"product": {
"name": "Fortinet FortiVoice",
"product_id": "T037588",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:fortivoice:-"
}
}
},
{
"category": "product_name",
"name": "Fortinet FortiWeb",
"product": {
"name": "Fortinet FortiWeb",
"product_id": "T037589",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:fortiweb:-"
}
}
}
],
"category": "vendor",
"name": "Fortinet"
},
{
"branches": [
{
"category": "product_name",
"name": "FreeBSD Project FreeBSD OS",
"product": {
"name": "FreeBSD Project FreeBSD OS",
"product_id": "4035",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:-"
}
}
}
],
"category": "vendor",
"name": "FreeBSD Project"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c16.0.2",
"product": {
"name": "HAProxy ALOHA \u003c16.0.2",
"product_id": "T035886"
}
},
{
"category": "product_version",
"name": "16.0.2",
"product": {
"name": "HAProxy ALOHA 16.0.2",
"product_id": "T035886-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:haproxy:aloha:16.0.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c15.5.12",
"product": {
"name": "HAProxy ALOHA \u003c15.5.12",
"product_id": "T035887"
}
},
{
"category": "product_version",
"name": "15.5.12",
"product": {
"name": "HAProxy ALOHA 15.5.12",
"product_id": "T035887-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:haproxy:aloha:15.5.12"
}
}
},
{
"category": "product_version_range",
"name": "\u003c14.5.23",
"product": {
"name": "HAProxy ALOHA \u003c14.5.23",
"product_id": "T035888"
}
},
{
"category": "product_version",
"name": "14.5.23",
"product": {
"name": "HAProxy ALOHA 14.5.23",
"product_id": "T035888-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:haproxy:aloha:14.5.23"
}
}
}
],
"category": "product_name",
"name": "ALOHA"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2024-07-04",
"product": {
"name": "HAProxy HAProxy \u003c2024-07-04",
"product_id": "T035889"
}
},
{
"category": "product_version",
"name": "2024-07-04",
"product": {
"name": "HAProxy HAProxy 2024-07-04",
"product_id": "T035889-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:haproxy:haproxy:2024-07-04"
}
}
}
],
"category": "product_name",
"name": "HAProxy"
}
],
"category": "vendor",
"name": "HAProxy"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "sshd \u003cA.09.30.007",
"product": {
"name": "HPE HP-UX sshd \u003cA.09.30.007",
"product_id": "T038630"
}
},
{
"category": "product_version",
"name": "sshd A.09.30.007",
"product": {
"name": "HPE HP-UX sshd A.09.30.007",
"product_id": "T038630-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:hp:hp-ux:sshd__a.09.30.007"
}
}
}
],
"category": "product_name",
"name": "HP-UX"
}
],
"category": "vendor",
"name": "HPE"
},
{
"branches": [
{
"category": "product_name",
"name": "Huawei AC6805",
"product": {
"name": "Huawei AC6805",
"product_id": "T036448",
"product_identification_helper": {
"cpe": "cpe:/h:huawei:ac6805_firmware:-"
}
}
},
{
"category": "product_name",
"name": "Huawei AirEngine",
"product": {
"name": "Huawei AirEngine",
"product_id": "T036449",
"product_identification_helper": {
"cpe": "cpe:/h:huawei:airengine:-"
}
}
},
{
"category": "product_name",
"name": "Huawei CloudEngine",
"product": {
"name": "Huawei CloudEngine",
"product_id": "T036450",
"product_identification_helper": {
"cpe": "cpe:/h:huawei:cloudengine:-"
}
}
},
{
"category": "product_name",
"name": "Huawei FusionServer Pro",
"product": {
"name": "Huawei FusionServer Pro",
"product_id": "T036451",
"product_identification_helper": {
"cpe": "cpe:/h:huawei:fusionserver_pro:-"
}
}
},
{
"category": "product_name",
"name": "Huawei NetEngine",
"product": {
"name": "Huawei NetEngine",
"product_id": "T036455",
"product_identification_helper": {
"cpe": "cpe:/h:huawei:netengine:-"
}
}
},
{
"category": "product_name",
"name": "Huawei OceanStor",
"product": {
"name": "Huawei OceanStor",
"product_id": "516536",
"product_identification_helper": {
"cpe": "cpe:/h:huawei:oceanstor_uds:-"
}
}
},
{
"category": "product_name",
"name": "Huawei Router",
"product": {
"name": "Huawei Router",
"product_id": "T034372",
"product_identification_helper": {
"cpe": "cpe:/h:huawei:router:-"
}
}
},
{
"category": "product_name",
"name": "Huawei iMaster NCE Fabric",
"product": {
"name": "Huawei iMaster NCE Fabric",
"product_id": "T036454",
"product_identification_helper": {
"cpe": "cpe:/a:huawei:imaster_nce-fabric:-"
}
}
},
{
"category": "product_name",
"name": "Huawei iMaster NCE FabricInsight",
"product": {
"name": "Huawei iMaster NCE FabricInsight",
"product_id": "T031541",
"product_identification_helper": {
"cpe": "cpe:/a:huawei:imaster_nce_fabricinsight:-"
}
}
},
{
"category": "product_name",
"name": "Huawei iMaster NCE-Campus",
"product": {
"name": "Huawei iMaster NCE-Campus",
"product_id": "T036452",
"product_identification_helper": {
"cpe": "cpe:/a:huawei:imaster_nce-campus:-"
}
}
},
{
"category": "product_name",
"name": "Huawei iMaster NCE-CampusInsight",
"product": {
"name": "Huawei iMaster NCE-CampusInsight",
"product_id": "T036453",
"product_identification_helper": {
"cpe": "cpe:/a:huawei:imaster_nce-campusinsight:-"
}
}
}
],
"category": "vendor",
"name": "Huawei"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.3",
"product": {
"name": "IBM AIX 7.3",
"product_id": "1139691",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.3"
}
}
},
{
"category": "product_version",
"name": "3.1",
"product": {
"name": "IBM AIX 3.1",
"product_id": "30380",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:3.1"
}
}
},
{
"category": "product_version",
"name": "4.1",
"product": {
"name": "IBM AIX 4.1",
"product_id": "30388",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:4.1"
}
}
},
{
"category": "product_version",
"name": "7.2",
"product": {
"name": "IBM AIX 7.2",
"product_id": "434967",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.2"
}
}
}
],
"category": "product_name",
"name": "AIX"
},
{
"branches": [
{
"category": "product_version",
"name": "Cloud Pak",
"product": {
"name": "IBM DB2 Cloud Pak",
"product_id": "T036672",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:cloud_pak"
}
}
}
],
"category": "product_name",
"name": "DB2"
},
{
"category": "product_name",
"name": "IBM FlashSystem",
"product": {
"name": "IBM FlashSystem",
"product_id": "T025159",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:flashsystem:-"
}
}
},
{
"category": "product_name",
"name": "IBM SAN Volume Controller",
"product": {
"name": "IBM SAN Volume Controller",
"product_id": "T020642",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:san_volume_controller:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "12",
"product": {
"name": "IBM Security Guardium 12.0",
"product_id": "T031092",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:12.0"
}
}
},
{
"category": "product_version",
"name": "12.1",
"product": {
"name": "IBM Security Guardium 12.1",
"product_id": "T041237",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:12.1"
}
}
}
],
"category": "product_name",
"name": "Security Guardium"
},
{
"category": "product_name",
"name": "IBM Storwize",
"product": {
"name": "IBM Storwize",
"product_id": "T021621",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:storwize:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.4.2",
"product": {
"name": "IGEL OS \u003c12.4.2",
"product_id": "T035571"
}
},
{
"category": "product_version",
"name": "12.4.2",
"product": {
"name": "IGEL OS 12.4.2",
"product_id": "T035571-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:igel:os:12.4.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.10.150",
"product": {
"name": "IGEL OS \u003c11.10.150",
"product_id": "T035572"
}
},
{
"category": "product_version",
"name": "11.10.150",
"product": {
"name": "IGEL OS 11.10.150",
"product_id": "T035572-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:igel:os:11.10.150"
}
}
}
],
"category": "product_name",
"name": "OS"
}
],
"category": "vendor",
"name": "IGEL"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c24.2R2",
"product": {
"name": "Juniper JUNOS \u003c24.2R2",
"product_id": "T037895"
}
},
{
"category": "product_version",
"name": "24.2R2",
"product": {
"name": "Juniper JUNOS 24.2R2",
"product_id": "T037895-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:24.2r2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c24.2R2-EVO",
"product": {
"name": "Juniper JUNOS \u003c24.2R2-EVO",
"product_id": "T037905"
}
},
{
"category": "product_version",
"name": "24.2R2-EVO",
"product": {
"name": "Juniper JUNOS 24.2R2-EVO",
"product_id": "T037905-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:24.2r2-evo"
}
}
},
{
"category": "product_version_range",
"name": "\u003c24.2R1-S2",
"product": {
"name": "Juniper JUNOS \u003c24.2R1-S2",
"product_id": "T040069"
}
},
{
"category": "product_version",
"name": "24.2R1-S2",
"product": {
"name": "Juniper JUNOS 24.2R1-S2",
"product_id": "T040069-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:24.2r1-s2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c24.4R1",
"product": {
"name": "Juniper JUNOS \u003c24.4R1",
"product_id": "T040070"
}
},
{
"category": "product_version",
"name": "24.4R1",
"product": {
"name": "Juniper JUNOS 24.4R1",
"product_id": "T040070-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:24.4r1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c24.2R1-S2-EVO",
"product": {
"name": "Juniper JUNOS \u003c24.2R1-S2-EVO",
"product_id": "T040071"
}
},
{
"category": "product_version",
"name": "24.2R1-S2-EVO",
"product": {
"name": "Juniper JUNOS 24.2R1-S2-EVO",
"product_id": "T040071-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:24.2r1-s2-evo"
}
}
},
{
"category": "product_version_range",
"name": "\u003c24.4R1-EVO",
"product": {
"name": "Juniper JUNOS \u003c24.4R1-EVO",
"product_id": "T040072"
}
},
{
"category": "product_version",
"name": "24.4R1-EVO",
"product": {
"name": "Juniper JUNOS 24.4R1-EVO",
"product_id": "T040072-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:24.4r1-evo"
}
}
}
],
"category": "product_name",
"name": "JUNOS"
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV7.08.014",
"product": {
"name": "Meinberg LANTIME \u003cV7.08.014",
"product_id": "T036396"
}
},
{
"category": "product_version",
"name": "V7.08.014",
"product": {
"name": "Meinberg LANTIME V7.08.014",
"product_id": "T036396-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:meinberg:lantime:v7.08.014"
}
}
}
],
"category": "product_name",
"name": "LANTIME"
}
],
"category": "vendor",
"name": "Meinberg"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "EDR-8010 \u003c3.12",
"product": {
"name": "Moxa Router EDR-8010 \u003c3.12",
"product_id": "T036563"
}
},
{
"category": "product_version",
"name": "EDR-8010 3.12",
"product": {
"name": "Moxa Router EDR-8010 3.12",
"product_id": "T036563-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:moxa:router:edr-8010__3.12"
}
}
},
{
"category": "product_version_range",
"name": "EDR-G9010 \u003c3.12",
"product": {
"name": "Moxa Router EDR-G9010 \u003c3.12",
"product_id": "T036564"
}
},
{
"category": "product_version",
"name": "EDR-G9010 3.12",
"product": {
"name": "Moxa Router EDR-G9010 3.12",
"product_id": "T036564-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:moxa:router:edr-g9010__3.12"
}
}
},
{
"category": "product_version_range",
"name": "OnCell G4302-LTE4 \u003c3.12",
"product": {
"name": "Moxa Router OnCell G4302-LTE4 \u003c3.12",
"product_id": "T036565"
}
},
{
"category": "product_version",
"name": "OnCell G4302-LTE4 3.12",
"product": {
"name": "Moxa Router OnCell G4302-LTE4 3.12",
"product_id": "T036565-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:moxa:router:oncell_g4302-lte4__3.12"
}
}
},
{
"category": "product_name",
"name": "Moxa Router",
"product": {
"name": "Moxa Router",
"product_id": "T042271",
"product_identification_helper": {
"cpe": "cpe:/h:moxa:router:-"
}
}
}
],
"category": "product_name",
"name": "Router"
}
],
"category": "vendor",
"name": "Moxa"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Baseboard Management Controller",
"product": {
"name": "NetApp AFF Baseboard Management Controller",
"product_id": "T025086",
"product_identification_helper": {
"cpe": "cpe:/h:netapp:aff:::baseboard_management_controller"
}
}
}
],
"category": "product_name",
"name": "AFF"
},
{
"branches": [
{
"category": "product_version",
"name": "for VMware vSphere",
"product": {
"name": "NetApp ActiveIQ Unified Manager for VMware vSphere",
"product_id": "T025152",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:for_vmware_vsphere"
}
}
}
],
"category": "product_name",
"name": "ActiveIQ Unified Manager"
},
{
"branches": [
{
"category": "product_version",
"name": "9",
"product": {
"name": "NetApp Data ONTAP 9",
"product_id": "T039981",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:data_ontap:9"
}
}
}
],
"category": "product_name",
"name": "Data ONTAP"
},
{
"branches": [
{
"category": "product_version",
"name": "Baseboard Management Controller",
"product": {
"name": "NetApp FAS Baseboard Management Controller",
"product_id": "T043535",
"product_identification_helper": {
"cpe": "cpe:/h:netapp:fas:baseboard_management_controller"
}
}
}
],
"category": "product_name",
"name": "FAS"
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"category": "product_name",
"name": "NetBSD Foundation NetBSD OS",
"product": {
"name": "NetBSD Foundation NetBSD OS",
"product_id": "7660",
"product_identification_helper": {
"cpe": "cpe:/o:netbsd:netbsd:-"
}
}
}
],
"category": "vendor",
"name": "NetBSD Foundation"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "SaaS platform \u003c2024-07",
"product": {
"name": "OTRS OTRS SaaS platform \u003c2024-07",
"product_id": "T036136"
}
},
{
"category": "product_version",
"name": "SaaS platform 2024-07",
"product": {
"name": "OTRS OTRS SaaS platform 2024-07",
"product_id": "T036136-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:otrs:otrs:2024-07::saas_platform"
}
}
}
],
"category": "product_name",
"name": "OTRS"
}
],
"category": "vendor",
"name": "OTRS"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.8p1",
"product": {
"name": "Open Source OpenSSH \u003c9.8p1",
"product_id": "T035701"
}
},
{
"category": "product_version",
"name": "9.8p1",
"product": {
"name": "Open Source OpenSSH 9.8p1",
"product_id": "T035701-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openbsd:openssh:9.8p1"
}
}
},
{
"category": "product_version_range",
"name": "\u003e=8.5p1",
"product": {
"name": "Open Source OpenSSH \u003e=8.5p1",
"product_id": "T035702"
}
},
{
"category": "product_version_range",
"name": "\u003e=8.5p1",
"product": {
"name": "Open Source OpenSSH \u003e=8.5p1",
"product_id": "T035702-fixed"
}
}
],
"category": "product_name",
"name": "OpenSSH"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.9.3",
"product": {
"name": "Phoenix Contact FL MGUARD \u003c8.9.3",
"product_id": "T037367"
}
},
{
"category": "product_version",
"name": "8.9.3",
"product": {
"name": "Phoenix Contact FL MGUARD 8.9.3",
"product_id": "T037367-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:phoenixcontact:fl_mguard:8.9.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.4.1",
"product": {
"name": "Phoenix Contact FL MGUARD \u003c10.4.1",
"product_id": "T037368"
}
},
{
"category": "product_version",
"name": "10.4.1",
"product": {
"name": "Phoenix Contact FL MGUARD 10.4.1",
"product_id": "T037368-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:phoenixcontact:fl_mguard:10.4.1"
}
}
}
],
"category": "product_name",
"name": "FL MGUARD"
}
],
"category": "vendor",
"name": "Phoenix Contact"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "QNAP NAS",
"product": {
"name": "QNAP NAS",
"product_id": "T017100",
"product_identification_helper": {
"cpe": "cpe:/h:qnap:nas:-"
}
}
},
{
"category": "product_version",
"name": "QES 2.2.0",
"product": {
"name": "QNAP NAS QES 2.2.0",
"product_id": "T044421",
"product_identification_helper": {
"cpe": "cpe:/h:qnap:nas:qes_2.2.0"
}
}
}
],
"category": "product_name",
"name": "NAS"
}
],
"category": "vendor",
"name": "QNAP"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.6.5.1",
"product": {
"name": "Securepoint UTM \u003c12.6.5.1",
"product_id": "T035805"
}
},
{
"category": "product_version",
"name": "12.6.5.1",
"product": {
"name": "Securepoint UTM 12.6.5.1",
"product_id": "T035805-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:securepoint:unified_threat_management:12.6.5.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c12.7.2",
"product": {
"name": "Securepoint UTM \u003c12.7.2",
"product_id": "T036885"
}
},
{
"category": "product_version",
"name": "12.7.2",
"product": {
"name": "Securepoint UTM 12.7.2",
"product_id": "T036885-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:securepoint:unified_threat_management:12.7.2"
}
}
}
],
"category": "product_name",
"name": "UTM"
}
],
"category": "vendor",
"name": "Securepoint"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1500 CPU",
"product": {
"name": "Siemens SIMATIC S7 1500 CPU",
"product_id": "T025776",
"product_identification_helper": {
"cpe": "cpe:/h:siemens:simatic_s7:1500_cpu"
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7"
}
],
"category": "vendor",
"name": "Siemens"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "WatchGuard Firebox",
"product": {
"name": "WatchGuard Firebox",
"product_id": "T030882",
"product_identification_helper": {
"cpe": "cpe:/a:watchguard:firebox:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c12.10.4 Update 1",
"product": {
"name": "WatchGuard Firebox \u003c12.10.4 Update 1",
"product_id": "T036460"
}
},
{
"category": "product_version",
"name": "12.10.4 Update 1",
"product": {
"name": "WatchGuard Firebox 12.10.4 Update 1",
"product_id": "T036460-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:watchguard:firebox:12.10.4_update_1"
}
}
}
],
"category": "product_name",
"name": "Firebox"
}
],
"category": "vendor",
"name": "WatchGuard"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-6387",
"product_status": {
"known_affected": [
"T035856",
"T035855",
"T035854",
"T035853",
"T035859",
"T035858",
"T035857",
"1202977",
"T035572",
"T042429",
"T035571",
"T036148",
"30380",
"1139691",
"T020642",
"30388",
"T000756",
"T031092",
"T029736",
"398363",
"T025776",
"T042271",
"T035900",
"T031541",
"T003851",
"T003853",
"T035901",
"T037367",
"T037368",
"T034372",
"T036396",
"T036672",
"T035860",
"T021621",
"T024739",
"2951",
"T004611",
"1002224",
"T035033",
"T036885",
"T022518",
"T040072",
"T040071",
"T040070",
"1269011",
"T025086",
"T037905",
"T036139",
"T036136",
"T037588",
"T037589",
"T007958",
"T036138",
"T017100",
"T017342",
"422",
"T000126",
"778219",
"915286",
"T040069",
"T024430",
"T044421",
"T030244",
"T030882",
"T035899",
"T016458",
"T004914",
"T030240",
"T018121",
"T003827",
"T030242",
"T016298",
"T036460",
"T035701",
"T034610",
"434967",
"T036911",
"T036912",
"T034850",
"T039981",
"T017286",
"T022516",
"T002207",
"203396",
"T020457",
"7660",
"516536",
"T025152",
"67646",
"T036448",
"4035",
"T036449",
"T036564",
"T037895",
"T036565",
"T036563",
"T000612",
"T018748",
"T025159",
"T035889",
"T035888",
"T035887",
"T035886",
"T035805",
"T014329",
"T036454",
"T036455",
"T036450",
"T036451",
"74185",
"T036452",
"T036453",
"T038630",
"T043535",
"T041237"
]
},
"release_date": "2024-06-30T22:00:00.000+00:00",
"title": "CVE-2024-6387"
}
]
}
WID-SEC-W-2024-1725
Vulnerability from csaf_certbund - Published: 2024-07-29 22:00 - Updated: 2026-01-11 23:00Summary
Apple macOS: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um seine Privilegien zu erhöhen, beliebigen Code mit Administratorrechten auszuführen, einen Denial-of-Service-Zustand zu erzeugen, Daten zu modifizieren, den Benutzer zu täuschen, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen offenzulegen.
Betroffene Betriebssysteme: - MacOS X
- UNIX
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.7.6
Apple / macOS
|
Monterey <12.7.6 | ||
|
Apple macOS Sonoma <14.6
Apple / macOS
|
Sonoma <14.6 | ||
|
Apple macOS Ventura <13.6.8
Apple / macOS
|
Ventura <13.6.8 | ||
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— |
References
6 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code mit Administratorrechten auszuf\u00fchren, einen Denial-of-Service-Zustand zu erzeugen, Daten zu modifizieren, den Benutzer zu t\u00e4uschen, Sicherheitsma\u00dfnahmen zu umgehen und vertrauliche Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- MacOS X\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1725 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1725.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1725 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1725"
},
{
"category": "external",
"summary": "Apple security Update vom 2024-07-29",
"url": "https://support.apple.com/en-us/HT214118"
},
{
"category": "external",
"summary": "Apple security Update vom 2024-07-29",
"url": "https://support.apple.com/en-us/HT214119"
},
{
"category": "external",
"summary": "Apple security Update vom 2024-07-29",
"url": "https://support.apple.com/en-eg/HT214120"
},
{
"category": "external",
"summary": "Dell Knowledge Base Article",
"url": "https://www.dell.com/support/kbdoc/en-us/000405813/dsa-2025-415-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities"
}
],
"source_lang": "en-US",
"title": "Apple macOS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-01-11T23:00:00.000+00:00",
"generator": {
"date": "2026-01-12T10:15:58.135+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2024-1725",
"initial_release_date": "2024-07-29T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-07-29T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-10-15T22:00:00.000+00:00",
"number": "2",
"summary": "CVE\u0027s erg\u00e4nzt"
},
{
"date": "2024-11-20T23:00:00.000+00:00",
"number": "3",
"summary": "CVE aufgenommen"
},
{
"date": "2025-03-23T23:00:00.000+00:00",
"number": "4",
"summary": "CVE erg\u00e4nzt"
},
{
"date": "2025-03-24T23:00:00.000+00:00",
"number": "5",
"summary": "CVE-2024-54551, CVE-2024-54564 erg\u00e4nzt"
},
{
"date": "2025-03-27T23:00:00.000+00:00",
"number": "6",
"summary": "CVE-2024-40810, CVE-2024-44305 erg\u00e4nzt"
},
{
"date": "2026-01-11T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Dell aufgenommen"
}
],
"status": "final",
"version": "7"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Monterey \u003c12.7.6",
"product": {
"name": "Apple macOS Monterey \u003c12.7.6",
"product_id": "T036491"
}
},
{
"category": "product_version",
"name": "Monterey 12.7.6",
"product": {
"name": "Apple macOS Monterey 12.7.6",
"product_id": "T036491-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:monterey__12.7.6"
}
}
},
{
"category": "product_version_range",
"name": "Sonoma \u003c14.6",
"product": {
"name": "Apple macOS Sonoma \u003c14.6",
"product_id": "T036492"
}
},
{
"category": "product_version",
"name": "Sonoma 14.6",
"product": {
"name": "Apple macOS Sonoma 14.6",
"product_id": "T036492-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:sonoma__14.6"
}
}
},
{
"category": "product_version_range",
"name": "Ventura \u003c13.6.8",
"product": {
"name": "Apple macOS Ventura \u003c13.6.8",
"product_id": "T036493"
}
},
{
"category": "product_version",
"name": "Ventura 13.6.8",
"product": {
"name": "Apple macOS Ventura 13.6.8",
"product_id": "T036493-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:ventura__13.6.8"
}
}
}
],
"category": "product_name",
"name": "macOS"
}
],
"category": "vendor",
"name": "Apple"
},
{
"branches": [
{
"category": "product_name",
"name": "Dell PowerProtect Data Domain",
"product": {
"name": "Dell PowerProtect Data Domain",
"product_id": "T047351",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:-"
}
}
}
],
"category": "vendor",
"name": "Dell"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-27952",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2023-27952"
},
{
"cve": "CVE-2023-38709",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2023-38709"
},
{
"cve": "CVE-2023-52356",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2023-52356"
},
{
"cve": "CVE-2023-6277",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2023-6277"
},
{
"cve": "CVE-2024-2004",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-2004"
},
{
"cve": "CVE-2024-23261",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-23261"
},
{
"cve": "CVE-2024-23296",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-23296"
},
{
"cve": "CVE-2024-2379",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-2379"
},
{
"cve": "CVE-2024-2398",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-2398"
},
{
"cve": "CVE-2024-2466",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-2466"
},
{
"cve": "CVE-2024-24795",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-24795"
},
{
"cve": "CVE-2024-27316",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-27316"
},
{
"cve": "CVE-2024-27826",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-27826"
},
{
"cve": "CVE-2024-27862",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-27862"
},
{
"cve": "CVE-2024-27863",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-27863"
},
{
"cve": "CVE-2024-27871",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-27871"
},
{
"cve": "CVE-2024-27872",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-27872"
},
{
"cve": "CVE-2024-27873",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-27873"
},
{
"cve": "CVE-2024-27877",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-27877"
},
{
"cve": "CVE-2024-27878",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-27878"
},
{
"cve": "CVE-2024-27881",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-27881"
},
{
"cve": "CVE-2024-27882",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-27882"
},
{
"cve": "CVE-2024-27883",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-27883"
},
{
"cve": "CVE-2024-40774",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40774"
},
{
"cve": "CVE-2024-40775",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40775"
},
{
"cve": "CVE-2024-40776",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40776"
},
{
"cve": "CVE-2024-40777",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40777"
},
{
"cve": "CVE-2024-40778",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40778"
},
{
"cve": "CVE-2024-40779",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40779"
},
{
"cve": "CVE-2024-40780",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40780"
},
{
"cve": "CVE-2024-40781",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40781"
},
{
"cve": "CVE-2024-40782",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40782"
},
{
"cve": "CVE-2024-40783",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40783"
},
{
"cve": "CVE-2024-40784",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40784"
},
{
"cve": "CVE-2024-40785",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40785"
},
{
"cve": "CVE-2024-40786",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40786"
},
{
"cve": "CVE-2024-40787",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40787"
},
{
"cve": "CVE-2024-40788",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40788"
},
{
"cve": "CVE-2024-40789",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40789"
},
{
"cve": "CVE-2024-40793",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40793"
},
{
"cve": "CVE-2024-40794",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40794"
},
{
"cve": "CVE-2024-40795",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40795"
},
{
"cve": "CVE-2024-40796",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40796"
},
{
"cve": "CVE-2024-40798",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40798"
},
{
"cve": "CVE-2024-40799",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40799"
},
{
"cve": "CVE-2024-40800",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40800"
},
{
"cve": "CVE-2024-40802",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40802"
},
{
"cve": "CVE-2024-40803",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40803"
},
{
"cve": "CVE-2024-40804",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40804"
},
{
"cve": "CVE-2024-40805",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40805"
},
{
"cve": "CVE-2024-40806",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40806"
},
{
"cve": "CVE-2024-40807",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40807"
},
{
"cve": "CVE-2024-40809",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40809"
},
{
"cve": "CVE-2024-40810",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40810"
},
{
"cve": "CVE-2024-40811",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40811"
},
{
"cve": "CVE-2024-40812",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40812"
},
{
"cve": "CVE-2024-40814",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40814"
},
{
"cve": "CVE-2024-40815",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40815"
},
{
"cve": "CVE-2024-40816",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40816"
},
{
"cve": "CVE-2024-40817",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40817"
},
{
"cve": "CVE-2024-40818",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40818"
},
{
"cve": "CVE-2024-40821",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40821"
},
{
"cve": "CVE-2024-40822",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40822"
},
{
"cve": "CVE-2024-40823",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40823"
},
{
"cve": "CVE-2024-40824",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40824"
},
{
"cve": "CVE-2024-40827",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40827"
},
{
"cve": "CVE-2024-40828",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40828"
},
{
"cve": "CVE-2024-40829",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40829"
},
{
"cve": "CVE-2024-40832",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40832"
},
{
"cve": "CVE-2024-40833",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40833"
},
{
"cve": "CVE-2024-40834",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40834"
},
{
"cve": "CVE-2024-40835",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40835"
},
{
"cve": "CVE-2024-40836",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-40836"
},
{
"cve": "CVE-2024-44141",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-44141"
},
{
"cve": "CVE-2024-44185",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-44185"
},
{
"cve": "CVE-2024-44199",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-44199"
},
{
"cve": "CVE-2024-44205",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-44205"
},
{
"cve": "CVE-2024-44206",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-44206"
},
{
"cve": "CVE-2024-44305",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-44305"
},
{
"cve": "CVE-2024-44306",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-44306"
},
{
"cve": "CVE-2024-44307",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-44307"
},
{
"cve": "CVE-2024-4558",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-4558"
},
{
"cve": "CVE-2024-54551",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-54551"
},
{
"cve": "CVE-2024-54564",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-54564"
},
{
"cve": "CVE-2024-6387",
"product_status": {
"known_affected": [
"T036491",
"T036492",
"T036493",
"T047351"
]
},
"release_date": "2024-07-29T22:00:00.000+00:00",
"title": "CVE-2024-6387"
}
]
}
WID-SEC-W-2024-3195
Vulnerability from csaf_certbund - Published: 2024-10-15 22:00 - Updated: 2024-10-15 22:00Summary
Oracle Communications: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Communications umfasst branchenspezifische Lösungen für die Telekommunikationsbranche.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Sonstiges
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications 12.11.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.11.0
|
12.11.0 | |
|
Oracle Communications 4.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.1.0
|
4.1.0 | |
|
Oracle Communications 4.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:4.2.0
|
4.2.0 | |
|
Oracle Communications 9.2.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.2.0
|
9.2.0 | |
|
Oracle Communications 9.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.3.0
|
9.3.0 | |
|
Oracle Communications 24.1.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Communications <10.4.0.4
Oracle / Communications
|
<10.4.0.4 | ||
|
Oracle Communications 5.2
Oracle / Communications
|
cpe:/a:oracle:communications:5.2
|
5.2 | |
|
Oracle Communications 24.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.0
|
24.1.0 | |
|
Oracle Communications 23.4.2
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.2
|
23.4.2 | |
|
Oracle Communications 14.0
Oracle / Communications
|
cpe:/a:oracle:communications:14.0
|
14 | |
|
Oracle Communications 9.1.1.9.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.9.0
|
9.1.1.9.0 | |
|
Oracle Communications 14.0.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:14.0.0.1
|
14.0.0.1 | |
|
Oracle Communications 17.0.1
Oracle / Communications
|
cpe:/a:oracle:communications:17.0.1
|
17.0.1 | |
|
Oracle Communications 9.1.5
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.5
|
9.1.5 | |
|
Oracle Communications 9.1.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.0
|
9.1.0 | |
|
Oracle Communications 12.6.1.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:12.6.1.0.0
|
12.6.1.0.0 | |
|
Oracle Communications 9.1.1.3.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.1.1.3.0
|
9.1.1.3.0 | |
|
Oracle Communications 5.1
Oracle / Communications
|
cpe:/a:oracle:communications:5.1
|
5.1 | |
|
Oracle Communications 24.2.2
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.2
|
24.2.2 | |
|
Oracle Communications 24.2.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.2.1
|
24.2.1 | |
|
Oracle Communications 24.1.1
Oracle / Communications
|
cpe:/a:oracle:communications:24.1.1
|
24.1.1 | |
|
Oracle Communications 23.4.3
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.3
|
23.4.3 | |
|
Oracle Communications 9.0.1.10.0
Oracle / Communications
|
cpe:/a:oracle:communications:9.0.1.10.0
|
9.0.1.10.0 | |
|
Oracle Communications 23.4.4
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.4
|
23.4.4 | |
|
Oracle Communications 15.0.0.0.0
Oracle / Communications
|
cpe:/a:oracle:communications:15.0.0.0.0
|
15.0.0.0.0 | |
|
Oracle Communications 23.4.0
Oracle / Communications
|
cpe:/a:oracle:communications:23.4.0
|
23.4.0 |
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications <=9.1.1.8.0
Oracle / Communications
|
<=9.1.1.8.0 | ||
|
Oracle Communications <=24.2.0
Oracle / Communications
|
<=24.2.0 | ||
|
Oracle Communications <=23.4.5
Oracle / Communications
|
<=23.4.5 | ||
|
Oracle Communications <=23.4.6
Oracle / Communications
|
<=23.4.6 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Communications umfasst branchenspezifische L\u00f6sungen f\u00fcr die Telekommunikationsbranche.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3195 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3195.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3195 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3195"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - October 2024 - Appendix Oracle Communications vom 2024-10-15",
"url": "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixCGBU"
}
],
"source_lang": "en-US",
"title": "Oracle Communications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-10-15T22:00:00.000+00:00",
"generator": {
"date": "2024-10-16T10:12:35.400+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-3195",
"initial_release_date": "2024-10-15T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-10-15T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9.1.1.3.0",
"product": {
"name": "Oracle Communications 9.1.1.3.0",
"product_id": "T027333",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:9.1.1.3.0"
}
}
},
{
"category": "product_version",
"name": "12.6.1.0.0",
"product": {
"name": "Oracle Communications 12.6.1.0.0",
"product_id": "T027338",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:12.6.1.0.0"
}
}
},
{
"category": "product_version",
"name": "5.1",
"product": {
"name": "Oracle Communications 5.1",
"product_id": "T028684",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:5.1"
}
}
},
{
"category": "product_version",
"name": "15.0.0.0.0",
"product": {
"name": "Oracle Communications 15.0.0.0.0",
"product_id": "T032090",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:15.0.0.0.0"
}
}
},
{
"category": "product_version",
"name": "23.4.0",
"product": {
"name": "Oracle Communications 23.4.0",
"product_id": "T032091",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:23.4.0"
}
}
},
{
"category": "product_version",
"name": "23.4.2",
"product": {
"name": "Oracle Communications 23.4.2",
"product_id": "T034144",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:23.4.2"
}
}
},
{
"category": "product_version",
"name": "24.1.0",
"product": {
"name": "Oracle Communications 24.1.0",
"product_id": "T034145",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:24.1.0"
}
}
},
{
"category": "product_version",
"name": "5.2",
"product": {
"name": "Oracle Communications 5.2",
"product_id": "T034146",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:5.2"
}
}
},
{
"category": "product_version",
"name": "24.1.0.0.0",
"product": {
"name": "Oracle Communications 24.1.0.0.0",
"product_id": "T034147",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:24.1.0.0.0"
}
}
},
{
"category": "product_version",
"name": "23.4.3",
"product": {
"name": "Oracle Communications 23.4.3",
"product_id": "T036195",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:23.4.3"
}
}
},
{
"category": "product_version",
"name": "23.4.4",
"product": {
"name": "Oracle Communications 23.4.4",
"product_id": "T036196",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:23.4.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=24.2.0",
"product": {
"name": "Oracle Communications \u003c=24.2.0",
"product_id": "T036197"
}
},
{
"category": "product_version_range",
"name": "\u003c=24.2.0",
"product": {
"name": "Oracle Communications \u003c=24.2.0",
"product_id": "T036197-fixed"
}
},
{
"category": "product_version",
"name": "4.1.0",
"product": {
"name": "Oracle Communications 4.1.0",
"product_id": "T036205",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:4.1.0"
}
}
},
{
"category": "product_version",
"name": "4.2.0",
"product": {
"name": "Oracle Communications 4.2.0",
"product_id": "T036206",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:4.2.0"
}
}
},
{
"category": "product_version",
"name": "9.2.0",
"product": {
"name": "Oracle Communications 9.2.0",
"product_id": "T036207",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:9.2.0"
}
}
},
{
"category": "product_version",
"name": "9.3.0",
"product": {
"name": "Oracle Communications 9.3.0",
"product_id": "T036208",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:9.3.0"
}
}
},
{
"category": "product_version",
"name": "12.11.0",
"product": {
"name": "Oracle Communications 12.11.0",
"product_id": "T036209",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:12.11.0"
}
}
},
{
"category": "product_version",
"name": "9.0.1.10.0",
"product": {
"name": "Oracle Communications 9.0.1.10.0",
"product_id": "T038373",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:9.0.1.10.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=23.4.5",
"product": {
"name": "Oracle Communications \u003c=23.4.5",
"product_id": "T038375"
}
},
{
"category": "product_version_range",
"name": "\u003c=23.4.5",
"product": {
"name": "Oracle Communications \u003c=23.4.5",
"product_id": "T038375-fixed"
}
},
{
"category": "product_version",
"name": "24.2.1",
"product": {
"name": "Oracle Communications 24.2.1",
"product_id": "T038376",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:24.2.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=23.4.6",
"product": {
"name": "Oracle Communications \u003c=23.4.6",
"product_id": "T038377"
}
},
{
"category": "product_version_range",
"name": "\u003c=23.4.6",
"product": {
"name": "Oracle Communications \u003c=23.4.6",
"product_id": "T038377-fixed"
}
},
{
"category": "product_version",
"name": "24.1.1",
"product": {
"name": "Oracle Communications 24.1.1",
"product_id": "T038378",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:24.1.1"
}
}
},
{
"category": "product_version",
"name": "24.2.2",
"product": {
"name": "Oracle Communications 24.2.2",
"product_id": "T038379",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:24.2.2"
}
}
},
{
"category": "product_version",
"name": "9.1.5",
"product": {
"name": "Oracle Communications 9.1.5",
"product_id": "T038380",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:9.1.5"
}
}
},
{
"category": "product_version",
"name": "9.1.0",
"product": {
"name": "Oracle Communications 9.1.0",
"product_id": "T038381",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:9.1.0"
}
}
},
{
"category": "product_version",
"name": "14",
"product": {
"name": "Oracle Communications 14.0",
"product_id": "T038382",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:14.0"
}
}
},
{
"category": "product_version",
"name": "9.1.1.9.0",
"product": {
"name": "Oracle Communications 9.1.1.9.0",
"product_id": "T038383",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:9.1.1.9.0"
}
}
},
{
"category": "product_version",
"name": "14.0.0.1",
"product": {
"name": "Oracle Communications 14.0.0.1",
"product_id": "T038384",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:14.0.0.1"
}
}
},
{
"category": "product_version",
"name": "17.0.1",
"product": {
"name": "Oracle Communications 17.0.1",
"product_id": "T038385",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:17.0.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.4.0.4",
"product": {
"name": "Oracle Communications \u003c10.4.0.4",
"product_id": "T038386"
}
},
{
"category": "product_version",
"name": "10.4.0.4",
"product": {
"name": "Oracle Communications 10.4.0.4",
"product_id": "T038386-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications:10.4.0.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=9.1.1.8.0",
"product": {
"name": "Oracle Communications \u003c=9.1.1.8.0",
"product_id": "T038426"
}
},
{
"category": "product_version_range",
"name": "\u003c=9.1.1.8.0",
"product": {
"name": "Oracle Communications \u003c=9.1.1.8.0",
"product_id": "T038426-fixed"
}
}
],
"category": "product_name",
"name": "Communications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-2068",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2022-2068"
},
{
"cve": "CVE-2022-23437",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2022-23437"
},
{
"cve": "CVE-2022-2601",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2022-2601"
},
{
"cve": "CVE-2022-36760",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2022-36760"
},
{
"cve": "CVE-2023-2953",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-2953"
},
{
"cve": "CVE-2023-3635",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-3635"
},
{
"cve": "CVE-2023-38408",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-38408"
},
{
"cve": "CVE-2023-4043",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-4043"
},
{
"cve": "CVE-2023-46136",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-46136"
},
{
"cve": "CVE-2023-48795",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-51775",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-51775"
},
{
"cve": "CVE-2023-5685",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-5685"
},
{
"cve": "CVE-2023-6597",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-6597"
},
{
"cve": "CVE-2023-6816",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2023-6816"
},
{
"cve": "CVE-2024-0450",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-0450"
},
{
"cve": "CVE-2024-22020",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-22020"
},
{
"cve": "CVE-2024-22257",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-22257"
},
{
"cve": "CVE-2024-22262",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-22262"
},
{
"cve": "CVE-2024-23672",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-23672"
},
{
"cve": "CVE-2024-2398",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-2398"
},
{
"cve": "CVE-2024-25062",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-25062"
},
{
"cve": "CVE-2024-25638",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-25638"
},
{
"cve": "CVE-2024-26308",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-26308"
},
{
"cve": "CVE-2024-28182",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-28182"
},
{
"cve": "CVE-2024-28849",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-28849"
},
{
"cve": "CVE-2024-29025",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-29025"
},
{
"cve": "CVE-2024-29736",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-29736"
},
{
"cve": "CVE-2024-29857",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-29857"
},
{
"cve": "CVE-2024-30251",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-30251"
},
{
"cve": "CVE-2024-31080",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-31080"
},
{
"cve": "CVE-2024-31744",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-31744"
},
{
"cve": "CVE-2024-32760",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-32760"
},
{
"cve": "CVE-2024-33602",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-33602"
},
{
"cve": "CVE-2024-34750",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-34750"
},
{
"cve": "CVE-2024-37371",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-37891",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-37891"
},
{
"cve": "CVE-2024-38816",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-38816"
},
{
"cve": "CVE-2024-40898",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-40898"
},
{
"cve": "CVE-2024-43044",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-43044"
},
{
"cve": "CVE-2024-45492",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2024-4577",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-4577"
},
{
"cve": "CVE-2024-4603",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-4603"
},
{
"cve": "CVE-2024-5971",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-5971"
},
{
"cve": "CVE-2024-6162",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-6162"
},
{
"cve": "CVE-2024-6387",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-6387"
},
{
"cve": "CVE-2024-7254",
"notes": [
{
"category": "description",
"text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036209",
"T036205",
"T036206",
"T036207",
"T036208",
"T034147",
"T038386",
"T034146",
"T034145",
"T034144",
"T038382",
"T038383",
"T038384",
"T038385",
"T038380",
"T038381",
"T027338",
"T027333",
"T028684",
"T038379",
"T038376",
"T038378",
"T036195",
"T038373",
"T036196",
"T032090",
"T032091"
],
"last_affected": [
"T038426",
"T036197",
"T038375",
"T038377"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-7254"
}
]
}
WID-SEC-W-2026-1208
Vulnerability from csaf_certbund - Published: 2026-04-21 22:00 - Updated: 2026-04-22 22:00Summary
Oracle Systems: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Systems umfasst eine Sammlung von Hardware, Betriebssystemen, Servern und Anwendungen.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Systems ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - UNIX
- Windows
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Solaris 11.4
Oracle / Solaris
|
cpe:/a:oracle:solaris:11.4
|
11.4 | |
|
Oracle Systems Sun ZFS Storage Appliance Kit 8.8
Oracle / Systems
|
cpe:/a:oracle:systems:sun_zfs_storage_appliance_kit_8.8
|
Sun ZFS Storage Appliance Kit 8.8 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Solaris 11.4
Oracle / Solaris
|
cpe:/a:oracle:solaris:11.4
|
11.4 | |
|
Oracle Systems Sun ZFS Storage Appliance Kit 8.8
Oracle / Systems
|
cpe:/a:oracle:systems:sun_zfs_storage_appliance_kit_8.8
|
Sun ZFS Storage Appliance Kit 8.8 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Systems umfasst eine Sammlung von Hardware, Betriebssystemen, Servern und Anwendungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Systems ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1208 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1208.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1208 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1208"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2026 - Appendix Oracle Systems vom 2026-04-21",
"url": "https://www.oracle.com/security-alerts/cpuapr2026.html#AppendixSUNS"
}
],
"source_lang": "en-US",
"title": "Oracle Systems: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-04-22T22:00:00.000+00:00",
"generator": {
"date": "2026-04-23T09:44:14.634+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-1208",
"initial_release_date": "2026-04-21T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-04-21T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-04-22T22:00:00.000+00:00",
"number": "2",
"summary": "Produktzuordnung pr\u00e4zisiert"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "11.4",
"product": {
"name": "Oracle Solaris 11.4",
"product_id": "T053271",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:solaris:11.4"
}
}
}
],
"category": "product_name",
"name": "Solaris"
},
{
"branches": [
{
"category": "product_version",
"name": "Sun ZFS Storage Appliance Kit 8.8",
"product": {
"name": "Oracle Systems Sun ZFS Storage Appliance Kit 8.8",
"product_id": "T053272",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:systems:sun_zfs_storage_appliance_kit_8.8"
}
}
}
],
"category": "product_name",
"name": "Systems"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-6387",
"product_status": {
"known_affected": [
"T053271",
"T053272"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2024-6387"
},
{
"cve": "CVE-2026-34281",
"product_status": {
"known_affected": [
"T053271",
"T053272"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-34281"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…