cve-2010-4345
Vulnerability from cvelistv5
Published
2010-12-14 15:00
Modified
2024-08-07 03:43
Severity ?
EPSS score ?
Summary
Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
References
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2022-03-25
Due date: 2022-04-15
Required action: Apply updates per vendor instructions.
Used in ransomware: Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2010-4345
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T03:43:14.742Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "43128", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/43128" }, { "name": "SUSE-SA:2010:059", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html" }, { "name": "[exim-dev] 20101209 Re: [Exim-maintainers] Remote root vulnerability in Exim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.exim.org/lurker/message/20101209.172233.abcba158.en.html" }, { "name": "VU#758489", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/758489" }, { "name": "[exim-dev] 20101207 Remote root vulnerability in Exim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=662012" }, { "name": "ADV-2011-0364", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2011/0364" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format" }, { "name": "RHSA-2011:0153", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-0153.html" }, { "name": "45341", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/45341" }, { "name": "42930", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42930" }, { "name": "42576", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42576" }, { "name": "43243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/43243" }, { "name": "1024859", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1024859" }, { "name": "[exim-dev] 20101210 Re: Remote root vulnerability in Exim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html" }, { "name": "DSA-2154", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2011/dsa-2154" }, { "name": "20101213 Exim security issue in historical release", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/515172/100/0/threaded" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/" }, { "name": "ADV-2011-0245", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2011/0245" }, { "name": "ADV-2011-0135", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2011/0135" }, { "name": "USN-1060-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1060-1" }, { "name": "ADV-2010-3204", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3204" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.exim.org/show_bug.cgi?id=1044" }, { "name": "DSA-2131", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2131" }, { "name": "ADV-2010-3171", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3171" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cpanel.net/2010/12/critical-exim-security-update.html" }, { "name": "[oss-security] 20101210 Exim remote root", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://openwall.com/lists/oss-security/2010/12/10/1" }, { "name": "[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-12-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-05-04T17:06:32", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "43128", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/43128" }, { "name": "SUSE-SA:2010:059", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html" }, { "name": "[exim-dev] 20101209 Re: [Exim-maintainers] Remote root vulnerability in Exim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.exim.org/lurker/message/20101209.172233.abcba158.en.html" }, { "name": "VU#758489", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/758489" }, { "name": "[exim-dev] 20101207 Remote root vulnerability in Exim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=662012" }, { "name": "ADV-2011-0364", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2011/0364" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format" }, { "name": "RHSA-2011:0153", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-0153.html" }, { "name": "45341", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/45341" }, { "name": "42930", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42930" }, { "name": "42576", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42576" }, { "name": "43243", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/43243" }, { "name": "1024859", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1024859" }, { "name": "[exim-dev] 20101210 Re: Remote root vulnerability in Exim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html" }, { "name": "DSA-2154", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2011/dsa-2154" }, { "name": "20101213 Exim security issue in historical release", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/515172/100/0/threaded" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/" }, { "name": "ADV-2011-0245", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2011/0245" }, { "name": "ADV-2011-0135", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2011/0135" }, { "name": "USN-1060-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1060-1" }, { "name": "ADV-2010-3204", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3204" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.exim.org/show_bug.cgi?id=1044" }, { "name": "DSA-2131", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2131" }, { "name": "ADV-2010-3171", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3171" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cpanel.net/2010/12/critical-exim-security-update.html" }, { "name": "[oss-security] 20101210 Exim remote root", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://openwall.com/lists/oss-security/2010/12/10/1" }, { "name": "[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-4345", "datePublished": "2010-12-14T15:00:00", "dateReserved": "2010-11-30T00:00:00", "dateUpdated": "2024-08-07T03:43:14.742Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "cisa_known_exploited": { "cveID": "CVE-2010-4345", "cwes": "[\"CWE-264\"]", "dateAdded": "2022-03-25", "dueDate": "2022-04-15", "knownRansomwareCampaignUse": "Unknown", "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-4345", "product": "Exim", "requiredAction": "Apply updates per vendor instructions.", "shortDescription": "Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.", "vendorProject": "Exim", "vulnerabilityName": "Exim Privilege Escalation Vulnerability" }, "nvd": "{\"cve\":{\"id\":\"CVE-2010-4345\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2010-12-14T16:00:04.257\",\"lastModified\":\"2024-07-16T17:57:37.573\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"cisaExploitAdd\":\"2022-03-25\",\"cisaActionDue\":\"2022-04-15\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Exim Privilege Escalation Vulnerability\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.\"},{\"lang\":\"es\",\"value\":\"Exim v4.72 y anteriores permiten a usuarios locales ganar privilegios potenciando la habilidad especificar un archivo de cuenta de usuario con una configuraci\u00f3n alternativa mediante una directiva que contenga comandos de su elecci\u00f3n, como se demostr\u00f3 con la directiva spool_directory.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:C/I:C/A:C\",\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":6.9},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.72\",\"matchCriteriaId\":\"91805B65-DDF2-4888-8F81-011F8D78B558\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBF7B6A8-3DF9-46EC-A90E-6EF68C39F883\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5646FDE9-CF21-46A9-B89D-F5BBDB4249AF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C757774-08E7-40AA-B532-6F705C8F7639\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"7EBFE35C-E243-43D1-883D-4398D71763CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2BCB73E-27BB-4878-AD9C-90C4F20C25A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"01EDA41C-6B2E-49AF-B503-EB3882265C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87614B58-24AB-49FB-9C84-E8DDBA16353B\"}]}]}],\"references\":[{\"url\":\"http://bugs.exim.org/show_bug.cgi?id=1044\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"http://lists.exim.org/lurker/message/20101209.172233.abcba158.en.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://openwall.com/lists/oss-security/2010/12/10/1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://secunia.com/advisories/42576\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/42930\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/43128\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/43243\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.cpanel.net/2010/12/critical-exim-security-update.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.debian.org/security/2010/dsa-2131\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2011/dsa-2154\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/758489\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/05/04/7\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0153.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/archive/1/515172/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/45341\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1024859\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1060-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/3171\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/3204\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0135\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0245\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0364\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=662012\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\"]}]}}" } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.