cve-2016-7052

Vulnerability from cvelistv5

Published

2016-09-26 19:00

Modified

2024-08-06 01:50

Severity ?

Summary

crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.

References

URL	Tags
cve@mitre.org	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759	Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html	Third Party Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21995039	Third Party Advisory
cve@mitre.org	http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html	Patch, Third Party Advisory
cve@mitre.org	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html	Patch, Third Party Advisory
cve@mitre.org	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html	Patch, Third Party Advisory
cve@mitre.org	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html	Patch, Third Party Advisory
cve@mitre.org	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html	Patch, Third Party Advisory
cve@mitre.org	http://www.securityfocus.com/bid/93171	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id/1036885	Third Party Advisory, VDB Entry
cve@mitre.org	https://bto.bluecoat.com/security-advisory/sa132	Third Party Advisory
cve@mitre.org	https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=6e629b5be45face20b4ca71c4fcbfed78b864a2e
cve@mitre.org	https://kc.mcafee.com/corporate/index?page=content&id=SB10171	Third Party Advisory
cve@mitre.org	https://security.FreeBSD.org/advisories/FreeBSD-SA-16:27.openssl.asc	Third Party Advisory
cve@mitre.org	https://security.gentoo.org/glsa/201612-16	Third Party Advisory
cve@mitre.org	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03856en_us	Third Party Advisory
cve@mitre.org	https://www.openssl.org/news/secadv/20160926.txt	Vendor Advisory
cve@mitre.org	https://www.tenable.com/security/tns-2016-16	Third Party Advisory
cve@mitre.org	https://www.tenable.com/security/tns-2016-19	Third Party Advisory
cve@mitre.org	https://www.tenable.com/security/tns-2016-20	Third Party Advisory

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:50:47.317Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2016-20"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.openssl.org/news/secadv/20160926.txt"
          },
          {
            "name": "GLSA-201612-16",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201612-16"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=6e629b5be45face20b4ca71c4fcbfed78b864a2e"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03856en_us"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
          },
          {
            "name": "1036885",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036885"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2016-16"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10171"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2016-19"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bto.bluecoat.com/security-advisory/sa132"
          },
          {
            "name": "FreeBSD-SA-16:27",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:27.openssl.asc"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
          },
          {
            "name": "93171",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93171"
          },
          {
            "name": "SUSE-SU-2016:2470",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-09-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-11T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.tenable.com/security/tns-2016-20"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.openssl.org/news/secadv/20160926.txt"
        },
        {
          "name": "GLSA-201612-16",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201612-16"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=6e629b5be45face20b4ca71c4fcbfed78b864a2e"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03856en_us"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
        },
        {
          "name": "1036885",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036885"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.tenable.com/security/tns-2016-16"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10171"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.tenable.com/security/tns-2016-19"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bto.bluecoat.com/security-advisory/sa132"
        },
        {
          "name": "FreeBSD-SA-16:27",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:27.openssl.asc"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
        },
        {
          "name": "93171",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93171"
        },
        {
          "name": "SUSE-SU-2016:2470",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-7052",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.tenable.com/security/tns-2016-20",
              "refsource": "CONFIRM",
              "url": "https://www.tenable.com/security/tns-2016-20"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "https://www.openssl.org/news/secadv/20160926.txt",
              "refsource": "CONFIRM",
              "url": "https://www.openssl.org/news/secadv/20160926.txt"
            },
            {
              "name": "GLSA-201612-16",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201612-16"
            },
            {
              "name": "https://git.openssl.org/?p=openssl.git;a=commit;h=6e629b5be45face20b4ca71c4fcbfed78b864a2e",
              "refsource": "CONFIRM",
              "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=6e629b5be45face20b4ca71c4fcbfed78b864a2e"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03856en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03856en_us"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
            },
            {
              "name": "1036885",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036885"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
            },
            {
              "name": "https://www.tenable.com/security/tns-2016-16",
              "refsource": "CONFIRM",
              "url": "https://www.tenable.com/security/tns-2016-16"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10171",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10171"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
            },
            {
              "name": "https://www.tenable.com/security/tns-2016-19",
              "refsource": "CONFIRM",
              "url": "https://www.tenable.com/security/tns-2016-19"
            },
            {
              "name": "https://bto.bluecoat.com/security-advisory/sa132",
              "refsource": "CONFIRM",
              "url": "https://bto.bluecoat.com/security-advisory/sa132"
            },
            {
              "name": "FreeBSD-SA-16:27",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:27.openssl.asc"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
            },
            {
              "name": "93171",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93171"
            },
            {
              "name": "SUSE-SU-2016:2470",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-7052",
    "datePublished": "2016-09-26T19:00:00",
    "dateReserved": "2016-08-23T00:00:00",
    "dateUpdated": "2024-08-06T01:50:47.317Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-7052\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-09-26T19:59:07.533\",\"lastModified\":\"2023-11-07T02:34:13.277\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.\"},{\"lang\":\"es\",\"value\":\"crypto/x509/x509_vfy.c en OpenSSL 1.0.2i permite a atacantes remotos provocar una denegaci\u00f3n de servicio (referencia a puntero NULL y ca\u00edda de aplicaci\u00f3n) desencadenando una operaci\u00f3n CRL.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:novell:suse_linux_enterprise_module_for_web_scripting:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F788DAEB-9865-45DE-B18A-FDD43E1EBB9D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2i:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDF148A3-1AA7-4F27-85AB-414C609C626F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndIncluding\":\"4.1.2\",\"matchCriteriaId\":\"A47FC4F7-1F77-4314-B4B3-3C5D8E335379\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\",\"versionStartIncluding\":\"4.2.0\",\"versionEndExcluding\":\"4.6.0\",\"matchCriteriaId\":\"303F780C-C971-4216-86D6-5026AAD56279\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.7.0\",\"matchCriteriaId\":\"8291D42E-9E50-414D-9752-D70906D512B2\"}]}]}],\"references\":[{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21995039\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/93171\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1036885\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bto.bluecoat.com/security-advisory/sa132\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=6e629b5be45face20b4ca71c4fcbfed78b864a2e\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10171\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-16:27.openssl.asc\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201612-16\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03856en_us\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openssl.org/news/secadv/20160926.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2016-16\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2016-19\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2016-20\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

ghsa-9wm3-5vv7-j93j

Vulnerability from github

Published

2022-05-14 03:14

Modified

2022-05-14 03:14

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-7052"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-09-26T19:59:00Z",
    "severity": "HIGH"
  },
  "details": "crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.",
  "id": "GHSA-9wm3-5vv7-j93j",
  "modified": "2022-05-14T03:14:44Z",
  "published": "2022-05-14T03:14:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7052"
    },
    {
      "type": "WEB",
      "url": "https://bto.bluecoat.com/security-advisory/sa132"
    },
    {
      "type": "WEB",
      "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=6e629b5be45face20b4ca71c4fcbfed78b864a2e"
    },
    {
      "type": "WEB",
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10171"
    },
    {
      "type": "WEB",
      "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:27.openssl.asc"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201612-16"
    },
    {
      "type": "WEB",
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03856en_us"
    },
    {
      "type": "WEB",
      "url": "https://www.openssl.org/news/secadv/20160926.txt"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/tns-2016-16"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/tns-2016-19"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/tns-2016-20"
    },
    {
      "type": "WEB",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/93171"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1036885"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

gsd-2016-7052

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.

Aliases

CVE-2016-7052

Aliases

CVE-2016-7052

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-7052",
    "description": "crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.",
    "id": "GSD-2016-7052",
    "references": [
      "https://www.suse.com/security/cve/CVE-2016-7052.html",
      "https://advisories.mageia.org/CVE-2016-7052.html",
      "https://security.archlinux.org/CVE-2016-7052"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-7052"
      ],
      "details": "crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.",
      "id": "GSD-2016-7052",
      "modified": "2023-12-13T01:21:20.636171Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2016-7052",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.tenable.com/security/tns-2016-20",
            "refsource": "CONFIRM",
            "url": "https://www.tenable.com/security/tns-2016-20"
          },
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "name": "https://www.openssl.org/news/secadv/20160926.txt",
            "refsource": "CONFIRM",
            "url": "https://www.openssl.org/news/secadv/20160926.txt"
          },
          {
            "name": "GLSA-201612-16",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/201612-16"
          },
          {
            "name": "https://git.openssl.org/?p=openssl.git;a=commit;h=6e629b5be45face20b4ca71c4fcbfed78b864a2e",
            "refsource": "CONFIRM",
            "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=6e629b5be45face20b4ca71c4fcbfed78b864a2e"
          },
          {
            "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03856en_us",
            "refsource": "CONFIRM",
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03856en_us"
          },
          {
            "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039",
            "refsource": "CONFIRM",
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
          },
          {
            "name": "1036885",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1036885"
          },
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
          },
          {
            "name": "https://www.tenable.com/security/tns-2016-16",
            "refsource": "CONFIRM",
            "url": "https://www.tenable.com/security/tns-2016-16"
          },
          {
            "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10171",
            "refsource": "CONFIRM",
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10171"
          },
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "name": "https://www.tenable.com/security/tns-2016-19",
            "refsource": "CONFIRM",
            "url": "https://www.tenable.com/security/tns-2016-19"
          },
          {
            "name": "https://bto.bluecoat.com/security-advisory/sa132",
            "refsource": "CONFIRM",
            "url": "https://bto.bluecoat.com/security-advisory/sa132"
          },
          {
            "name": "FreeBSD-SA-16:27",
            "refsource": "FREEBSD",
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:27.openssl.asc"
          },
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
          },
          {
            "name": "93171",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/93171"
          },
          {
            "name": "SUSE-SU-2016:2470",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
          },
          {
            "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759",
            "refsource": "CONFIRM",
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:novell:suse_linux_enterprise_module_for_web_scripting:12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2i:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.1.2",
                "versionStartIncluding": "4.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.7.0",
                "versionStartIncluding": "6.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.6.0",
                "versionStartIncluding": "4.2.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-7052"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-476"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://git.openssl.org/?p=openssl.git;a=commit;h=6e629b5be45face20b4ca71c4fcbfed78b864a2e",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Vendor Advisory"
              ],
              "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=6e629b5be45face20b4ca71c4fcbfed78b864a2e"
            },
            {
              "name": "https://www.openssl.org/news/secadv/20160926.txt",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.openssl.org/news/secadv/20160926.txt"
            },
            {
              "name": "93171",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/93171"
            },
            {
              "name": "SUSE-SU-2016:2470",
              "refsource": "SUSE",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
            },
            {
              "name": "GLSA-201612-16",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.gentoo.org/glsa/201612-16"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10171",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10171"
            },
            {
              "name": "https://bto.bluecoat.com/security-advisory/sa132",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://bto.bluecoat.com/security-advisory/sa132"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759"
            },
            {
              "name": "https://www.tenable.com/security/tns-2016-16",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.tenable.com/security/tns-2016-16"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
            },
            {
              "name": "1036885",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1036885"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
            },
            {
              "name": "https://www.tenable.com/security/tns-2016-20",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.tenable.com/security/tns-2016-20"
            },
            {
              "name": "https://www.tenable.com/security/tns-2016-19",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.tenable.com/security/tns-2016-19"
            },
            {
              "name": "FreeBSD-SA-16:27",
              "refsource": "FREEBSD",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:27.openssl.asc"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03856en_us",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03856en_us"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-08-16T13:17Z",
      "publishedDate": "2016-09-26T19:59Z"
    }
  }
}

crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. OpenSSL is prone to denial-of-service vulnerability. An attacker may exploit this issue to crash the affected application, resulting in a denial-of-service condition.

Gentoo Linux Security Advisory GLSA 201612-16

                                       https://security.gentoo.org/

Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: December 07, 2016 Bugs: #581234, #585142, #585276, #591454, #592068, #592074, #592082, #594500, #595186 ID: 201612-16

Synopsis

Multiple vulnerabilities have been found in OpenSSL, the worst of which allows attackers to conduct a time based side-channel attack.

Background

OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library.

Affected packages

-------------------------------------------------------------------
 Package              /     Vulnerable     /            Unaffected
-------------------------------------------------------------------

1 dev-libs/openssl < 1.0.2j >= 1.0.2j

Description

Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers and the International Association for Cryptologic Research's (IACR) paper, "Make Sure DSA Signing Exponentiations Really are Constant-Time" for further details. Additionally, a time based side-channel attack may allow a local attacker to recover a private DSA key.

Workaround

There is no known workaround at this time.

Resolution

All OpenSSL users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2j"

References

[ 1 ] CVE-2016-2105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105 [ 2 ] CVE-2016-2106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106 [ 3 ] CVE-2016-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107 [ 4 ] CVE-2016-2108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108 [ 5 ] CVE-2016-2109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109 [ 6 ] CVE-2016-2176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176 [ 7 ] CVE-2016-2177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177 [ 8 ] CVE-2016-2178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178 [ 9 ] CVE-2016-2180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180 [ 10 ] CVE-2016-2183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183 [ 11 ] CVE-2016-6304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304 [ 12 ] CVE-2016-6305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305 [ 13 ] CVE-2016-6306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306 [ 14 ] CVE-2016-7052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052 [ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time http://eprint.iacr.org/2016/594.pdf

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/201612-16

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

[slackware-security] openssl (SSA:2016-270-01)

New openssl packages are available for Slackware 14.2 and -current to fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.2j-i586-1_slack14.2.txz: Upgraded. This update fixes a security issue: Missing CRL sanity check (CVE-2016-7052) For more information, see: https://www.openssl.org/news/secadv/20160926.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7052 ( Security fix ) patches/packages/openssl-solibs-1.0.2j-i586-1_slack14.2.txz: Upgraded. +--------------------------+

Where to find the new packages: +-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

Updated packages for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-1.0.2j-i586-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-solibs-1.0.2j-i586-1_slack14.2.txz

Updated packages for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-1.0.2j-x86_64-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-solibs-1.0.2j-x86_64-1_slack14.2.txz

Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.2j-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.2j-i586-1.txz

Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2j-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.2j-x86_64-1.txz

MD5 signatures: +-------------+

Slackware 14.2 packages: cf3e90f91b35ee96f5a900e5f2ec8fd5 openssl-1.0.2j-i586-1_slack14.2.txz 31cc46351fdd4c487f75abdbfcd696e7 openssl-solibs-1.0.2j-i586-1_slack14.2.txz

Slackware x86_64 14.2 packages: 333fd278752b5f04a805aeabd77f28c4 openssl-1.0.2j-x86_64-1_slack14.2.txz 6b25daf23b1cfc59351308b9c11e830a openssl-solibs-1.0.2j-x86_64-1_slack14.2.txz

Slackware -current packages: 98337bdfe00f04be784953fee5c023ca a/openssl-solibs-1.0.2j-i586-1.txz 3cd05a7ed655e7f51f652a31b9b908e7 n/openssl-1.0.2j-i586-1.txz

Slackware x86_64 -current packages: 6907d9a091ace959d8f04aa92cd7e5f6 a/openssl-solibs-1.0.2j-x86_64-1.txz 4017d82d5c4c370ab6850a5d623d321a n/openssl-1.0.2j-x86_64-1.txz

Installation instructions: +------------------------+

Upgrade the packages as root:

upgradepkg openssl-1.0.2j-i586-1_slack14.2.txz openssl-solibs-1.0.2j-i586-1_slack14.2.txz

+-----+

Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAlfpZcsACgkQakRjwEAQIjPMMACbB1R3zcPgLf11KPr1jtmRE7PN BvgAnjd81wwT0k1DTOieELSStonzadsk =AuZJ -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201609-0481",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "openssl",
        "version": "1.0.2i"
      },
      {
        "model": "node.js",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "nodejs",
        "version": "4.6.0"
      },
      {
        "model": "node.js",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "nodejs",
        "version": "6.7.0"
      },
      {
        "model": "suse linux enterprise module for web scripting",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "novell",
        "version": "12.0"
      },
      {
        "model": "node.js",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "nodejs",
        "version": "4.1.2"
      },
      {
        "model": "node.js",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "nodejs",
        "version": "4.0.0"
      },
      {
        "model": "node.js",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "nodejs",
        "version": "6.0.0"
      },
      {
        "model": "node.js",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "nodejs",
        "version": "4.2.0"
      },
      {
        "model": "linux enterprise module for web scripting",
        "scope": null,
        "trust": 0.8,
        "vendor": "suse",
        "version": null
      },
      {
        "model": "paging server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "tivoli storage productivity center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.10"
      },
      {
        "model": "webex centers t32",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "video surveillance series ip cameras",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "30000"
      },
      {
        "model": "sterling connect:express for unix ifix",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.5.0.13150-13"
      },
      {
        "model": "clean access manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "nexus series blade switches 4.1 e1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4000"
      },
      {
        "model": "sterling connect:express for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.5.0.9"
      },
      {
        "model": "telepresence content server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "proactive network operations center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "commerce guided search",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.5"
      },
      {
        "model": "project openssl 1.0.2i",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6"
      },
      {
        "model": "unified ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "69010"
      },
      {
        "model": "anyconnect secure mobility client for linux",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0.7"
      },
      {
        "model": "ucs central software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "video surveillance media server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "sterling connect:express for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.5.0.13"
      },
      {
        "model": "stealthwatch management console",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "tivoli provisioning manager for os deployment 5.1.fix pack",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3"
      },
      {
        "model": "ios and cisco ios xe software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "16.2"
      },
      {
        "model": "anyconnect secure mobility client for android",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0.7"
      },
      {
        "model": "primavera p6 enterprise project portfolio management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "15.1"
      },
      {
        "model": "jabber software development kit",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.8"
      },
      {
        "model": "computer telephony integration object server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified workforce optimization",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "industrial router 1.2.1rb4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "910"
      },
      {
        "model": "security network controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.1209"
      },
      {
        "model": "ip interoperability and collaboration system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "asr series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "50000"
      },
      {
        "model": "edge digital media player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3400"
      },
      {
        "model": "nexus series switches standalone nx-os mode",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9000-0"
      },
      {
        "model": "unified contact center enterprise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "nexus series switches standalone nx-os mode 7.0 i5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9000-"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.11"
      },
      {
        "model": "nexus series switches 5.2.8",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7000"
      },
      {
        "model": "security network controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.3361"
      },
      {
        "model": "anyconnect secure mobility client for desktop platforms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "cognos business intelligence server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "10.1.1"
      },
      {
        "model": "jabber guest",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "prime license manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "video surveillance ptz ip cameras",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.9"
      },
      {
        "model": "series digital media players 5.3.6 rb3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4300"
      },
      {
        "model": "stealthwatch flowcollector sflow",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "security network controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.3394"
      },
      {
        "model": "visual quality experience server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "commerce guided search",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.2.2"
      },
      {
        "model": "jd edwards enterpriseone tools",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "9.2.1.1"
      },
      {
        "model": "video surveillance series ip cameras",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "60002.9"
      },
      {
        "model": "content security management appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "prime collaboration provisioning",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.6"
      },
      {
        "model": "agent for openflow",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "commerce experience manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.3"
      },
      {
        "model": "anyconnect secure mobility client for desktop platforms",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.4"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.2"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.8"
      },
      {
        "model": "flex system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.3.4.0"
      },
      {
        "model": "rational insight",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.1"
      },
      {
        "model": "ons series multiservice provisioning platforms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "154540"
      },
      {
        "model": "telepresence sx series ce8.2.2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "prime collaboration assurance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "asa next-generation firewall services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "email security appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "10.0.1"
      },
      {
        "model": "telepresence server on multiparty media",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8200"
      },
      {
        "model": "unified communications manager im \u0026 presence service (formerly c",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "ios and cisco ios xe software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "16.3"
      },
      {
        "model": "webex meetings for blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "primavera p6 enterprise project portfolio management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "8.3"
      },
      {
        "model": "wide area application services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "security virtual server protection for vmware",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.0.1"
      },
      {
        "model": "firesight system software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.0.1.3"
      },
      {
        "model": "anyconnect secure mobility client for mac os",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "x4.0.7"
      },
      {
        "model": "common services platform collector",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.11"
      },
      {
        "model": "cognos business intelligence server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "10.2.1"
      },
      {
        "model": "partner support service",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.0"
      },
      {
        "model": "media services interface",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "cloud web security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "prime collaboration assurance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.6"
      },
      {
        "model": "jabber for iphone and ipad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0"
      },
      {
        "model": "email gateway 7.6.2h968406",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "unified attendant console advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "common services platform collector",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "anyconnect secure mobility client for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence mx series ce8.2.2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "tivoli provisioning manager for os deployment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1"
      },
      {
        "model": "spectrum control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.8"
      },
      {
        "model": "webex meetings client on-premises",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "-0"
      },
      {
        "model": "unified intelligence center",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.6(1)"
      },
      {
        "model": "services provisioning platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "ucs b-series blade servers",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.1.3"
      },
      {
        "model": "nac appliance clean access manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "-0"
      },
      {
        "model": "sterling connect:express for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.4.6"
      },
      {
        "model": "telepresence system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "10000"
      },
      {
        "model": "aix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.2"
      },
      {
        "model": "tivoli provisioning manager for os deployment build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.1.20290.1"
      },
      {
        "model": "project openssl 1.0.2j",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "jabber for android",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "asa next-generation firewall services",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.1.2"
      },
      {
        "model": "mobilefirst platform foundation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.3.0.0"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.405"
      },
      {
        "model": "unified attendant console premium edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "api gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "11.1.2.4.0"
      },
      {
        "model": "commerce experience manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.5"
      },
      {
        "model": "services provisioning platform sfp1.1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "mediasense",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "jabber for android",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.8"
      },
      {
        "model": "video surveillance series high-definition ip cameras",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "40000"
      },
      {
        "model": "anyconnect secure mobility client for desktop platforms",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.3.4"
      },
      {
        "model": "series digital media players 5.3.6 rb3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4400"
      },
      {
        "model": "video surveillance series ip cameras",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "30002.9"
      },
      {
        "model": "stealthwatch identity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "aironet series access points",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "270016.2"
      },
      {
        "model": "application policy infrastructure controller",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.2(1)"
      },
      {
        "model": "tivoli storage productivity center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.2"
      },
      {
        "model": "aironet series access points",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "270016.1"
      },
      {
        "model": "unified workforce optimization quality management solution 11.5 su1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "show and share",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence system ex series tc7.3.7",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "universal small cell iuh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "rrdi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.0.5"
      },
      {
        "model": "tivoli provisioning manager for images",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.1.19"
      },
      {
        "model": "ucs director",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "tivoli provisioning manager for images build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.1.20280.6"
      },
      {
        "model": "jabber client framework components",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.8"
      },
      {
        "model": "telepresence isdn link",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence profile series tc7.3.7",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "webex meetings client on-premises t32",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "dcm series d9900 digital content manager",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "nexus series switches",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "70006.2.19"
      },
      {
        "model": "commerce guided search",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.5.1"
      },
      {
        "model": "unified attendant console business edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "aironet series access points",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "270016.4"
      },
      {
        "model": "peoplesoft enterprise peopletools",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "8.54"
      },
      {
        "model": "enterprise manager ops center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "12.1.4"
      },
      {
        "model": "mds series multilayer switches",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "90000"
      },
      {
        "model": "prime network services controller 1.01u",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "oss support tools",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "8.9.15.9.8"
      },
      {
        "model": "firesight system software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.4.0.10"
      },
      {
        "model": "worklight consumer edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.1.0.0"
      },
      {
        "model": "universal small cell series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "50000"
      },
      {
        "model": "nexus series switches 5.2 sv3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1000v"
      },
      {
        "model": "telepresence system tx1310",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified communications domain manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence server on multiparty media and",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3103204.4"
      },
      {
        "model": "rrdi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.0.2"
      },
      {
        "model": "rational insight",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.1.4"
      },
      {
        "model": "tivoli provisioning manager for os deployment build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1.1051.08"
      },
      {
        "model": "nac guest server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "enterprise content delivery system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "cognos business intelligence server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "10.2.11"
      },
      {
        "model": "anyconnect secure mobility client for linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence system ex series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "prime collaboration deployment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "webex business suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "dx series ip phones",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "communications network charging and control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.1.0"
      },
      {
        "model": "ios and cisco ios xe software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "15.5(3)"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.18"
      },
      {
        "model": "anyconnect secure mobility client for android",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "nexus series blade switches",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "40000"
      },
      {
        "model": "sterling connect:express for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.5.0.11"
      },
      {
        "model": "telepresence system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "500-376.1"
      },
      {
        "model": "jabber for windows",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.8"
      },
      {
        "model": "telepresence profile series ce8.2.2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "enterprise manager base platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "13.1.0.0"
      },
      {
        "model": "ace30 application control engine module",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "vm virtualbox",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.28"
      },
      {
        "model": "edge digital media player 1.6rb5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "300"
      },
      {
        "model": "unified ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "69450"
      },
      {
        "model": "telepresence isdn gateway mse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "83210"
      },
      {
        "model": "wireless lan controller",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.4"
      },
      {
        "model": "jabber software development kit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "uc integration for microsoft lync",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.6.3"
      },
      {
        "model": "unified contact center enterprise",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.6.1"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.404"
      },
      {
        "model": "telepresence system tx1310",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.1"
      },
      {
        "model": "spa112 2-port phone adapter",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.4.2"
      },
      {
        "model": "tivoli provisioning manager for os deployment build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1.151.05"
      },
      {
        "model": "connected grid routers",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.3"
      },
      {
        "model": "commerce experience manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.4.1.2"
      },
      {
        "model": "enterprise manager base platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "12.1"
      },
      {
        "model": "telepresence mx series tc7.3.7",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "communications diameter signaling router",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "7.0"
      },
      {
        "model": "ip interoperability and collaboration system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0(1)"
      },
      {
        "model": "spa122 analog telephone adapter with router",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "universal small cell series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "50003.5.12.23"
      },
      {
        "model": "universal small cell series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "50003.4.2.0"
      },
      {
        "model": "connected grid routers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "uc integration for microsoft lync",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "security network controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.1768"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.401"
      },
      {
        "model": "unity express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "13000"
      },
      {
        "model": "worklight enterprise edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.1.0.0"
      },
      {
        "model": "tivoli provisioning manager for images",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.1.0"
      },
      {
        "model": "tandberg codian isdn gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "email gateway 7.6.405h1165239",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "jabber guest",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.9"
      },
      {
        "model": "digital media manager 5.3.6 rb3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "series digital media players",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "44000"
      },
      {
        "model": "ata series analog terminal adaptors",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1901.3"
      },
      {
        "model": "prime network services controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "ata series analog terminal adaptors",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1900"
      },
      {
        "model": "asr series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "500021.2"
      },
      {
        "model": "ons series multiservice provisioning platforms",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1545410.7"
      },
      {
        "model": "sterling connect:express for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.5.0.12"
      },
      {
        "model": "telepresence system series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "30000"
      },
      {
        "model": "tivoli provisioning manager for os deployment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.1.19"
      },
      {
        "model": "worklight consumer edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.1.0.2"
      },
      {
        "model": "hosted collaboration mediation fulfillment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified communications manager session management edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified ip conference phone 10.3.1sr4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8831"
      },
      {
        "model": "mobilefirst platform foundation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.0.0"
      },
      {
        "model": "webex meetings server multimedia platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "-0"
      },
      {
        "model": "nexus series switches",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "70000"
      },
      {
        "model": "rational insight",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.1.7"
      },
      {
        "model": "prime network registrar",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.3.5"
      },
      {
        "model": "series stackable managed switches",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5000"
      },
      {
        "model": "prime access registrar",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified intelligent contact management enterprise",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.6.1"
      },
      {
        "model": "stealthwatch flowcollector netflow",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.3.2"
      },
      {
        "model": "ucs manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "communications network charging and control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.0.2"
      },
      {
        "model": "rrdi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.0.1"
      },
      {
        "model": "communications network charging and control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.0.1"
      },
      {
        "model": "webex meetings server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.0"
      },
      {
        "model": "network analysis module",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.2(2)"
      },
      {
        "model": "video surveillance 4300e and 4500e high-definition ip cameras",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified attendant console department edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "primavera p6 enterprise project portfolio management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "8.4"
      },
      {
        "model": "ip series phones",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "78000"
      },
      {
        "model": "aironet series access points",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "27000"
      },
      {
        "model": "onepk all-in-one virtual machine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "security network controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.3387"
      },
      {
        "model": "industrial router",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9100"
      },
      {
        "model": "primavera p6 enterprise project portfolio management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "15.2"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.1"
      },
      {
        "model": "tivoli storage productivity center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2"
      },
      {
        "model": "unified intelligence center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "aix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.1"
      },
      {
        "model": "video distribution suite for internet streaming",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "13006.1"
      },
      {
        "model": "tivoli storage productivity center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.7.1"
      },
      {
        "model": "tivoli provisioning manager for os deployment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1.116"
      },
      {
        "model": "cloupia unified infrastructure controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "nexus series switches",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "50000"
      },
      {
        "model": "telepresence system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11006.1"
      },
      {
        "model": "flex system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.3.20"
      },
      {
        "model": "packaged contact center enterprise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "agent desktop for cisco unified contact center express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "mobilefirst platform foundation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.0.0"
      },
      {
        "model": "video surveillance series ip cameras",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "70000"
      },
      {
        "model": "adaptive security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence sx series tc7.3.7",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "tivoli storage productivity center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.5"
      },
      {
        "model": "nac appliance clean access server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "-0"
      },
      {
        "model": "video surveillance series ip cameras",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "60000"
      },
      {
        "model": "firesight system software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.1.0.1"
      },
      {
        "model": "webex meetings for windows phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "80"
      },
      {
        "model": "spa232d multi-line dect analog telephone adapter",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "prime optical for service providers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "smart care",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "edge digital media player 1.2rb1.0.3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "340"
      },
      {
        "model": "universal small cell cloudbase factory recovery root filesystem",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.99.4"
      },
      {
        "model": "network performance analysis",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "nexus series switches",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "60006.2.19"
      },
      {
        "model": "peoplesoft enterprise peopletools",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "8.55"
      },
      {
        "model": "unified ip conference phone for third-party call control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "88310"
      },
      {
        "model": "rrdi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.0"
      },
      {
        "model": "webex meetings for windows phone",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "82.8"
      },
      {
        "model": "spectrum control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.10"
      },
      {
        "model": "universal small cell cloudbase factory recovery root filesystem",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "secure access control system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.8.0.32.7"
      },
      {
        "model": "telepresence integrator c series ce8.2.2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "tivoli provisioning manager for os deployment intirim fix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.133"
      },
      {
        "model": "cognos business intelligence server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "10.2.2"
      },
      {
        "model": "webex meetings client hosted",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "-0"
      },
      {
        "model": "rational insight",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.13"
      },
      {
        "model": "content security management appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.1.140"
      },
      {
        "model": "security virtual server protection for vmware",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1"
      },
      {
        "model": "rrdi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.0"
      },
      {
        "model": "stealthwatch udp director",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "nexus series switches 5.2.8",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6000"
      },
      {
        "model": "intrusion prevention system solutions",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified ip conference phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "88310"
      },
      {
        "model": "jabber client framework components",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "prime ip express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified sip proxy software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "10"
      },
      {
        "model": "tivoli storage productivity center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.4"
      },
      {
        "model": "aix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3"
      },
      {
        "model": "security manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "jabber for mac",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.8"
      },
      {
        "model": "netflow generation appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.403"
      },
      {
        "model": "unified sip proxy software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "99510"
      },
      {
        "model": "openssh for gpfs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3.5"
      },
      {
        "model": "unified ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "89450"
      },
      {
        "model": "telepresence supervisor mse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "80500"
      },
      {
        "model": "tivoli provisioning manager for os deployment build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.1.20280.6"
      },
      {
        "model": "telepresence server and mse",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "701087104.4"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.10"
      },
      {
        "model": "ucs series and series fabric interconnects",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "620063000"
      },
      {
        "model": "rational insight",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.12"
      },
      {
        "model": "commerce experience manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.2.2"
      },
      {
        "model": "webex meeting center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "rational insight",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.11"
      },
      {
        "model": "rrdi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.0.4"
      },
      {
        "model": "primavera p6 enterprise project portfolio management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "16.1"
      },
      {
        "model": "netflow generation appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.1(1)"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.13"
      },
      {
        "model": "commerce guided search",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.5.2"
      },
      {
        "model": "socialminer",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "webex meetings server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.0"
      },
      {
        "model": "spa112 2-port phone adapter",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "video surveillance series high-definition ip cameras",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "40002.9"
      },
      {
        "model": "intracer",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "tivoli provisioning manager for os deployment build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1.1051.07"
      },
      {
        "model": "rrdi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.0.3"
      },
      {
        "model": "jabber for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "oss support tools",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "8.8.15.7.15"
      },
      {
        "model": "communications network charging and control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.2.0"
      },
      {
        "model": "prime infrastructure",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.2"
      },
      {
        "model": "telepresence video communication server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "video surveillance 4300e and 4500e high-definition ip cameras",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.9"
      },
      {
        "model": "computer telephony integration object server",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.6.1"
      },
      {
        "model": "telepresence system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11000"
      },
      {
        "model": "tuxedo",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "12.1.1.0"
      },
      {
        "model": "telepresence sx series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence server on multiparty media and",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3103200"
      },
      {
        "model": "content security appliance update servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "rational insight",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1"
      },
      {
        "model": "videoscape anyres live",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.7.2"
      },
      {
        "model": "unified ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "99710"
      },
      {
        "model": "transportation management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.2"
      },
      {
        "model": "tivoli provisioning manager for os deployment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1.0.2"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.4"
      },
      {
        "model": "firesight system software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.4.1.9"
      },
      {
        "model": "universal small cell iuh",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.17.3"
      },
      {
        "model": "ata analog telephone adaptor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1870"
      },
      {
        "model": "tivoli storage productivity center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.1.1"
      },
      {
        "model": "ios and cisco ios xe software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "16.4"
      },
      {
        "model": "telepresence system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "500-326.1"
      },
      {
        "model": "unity express",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "10"
      },
      {
        "model": "expressway series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "virtualization experience media edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.8"
      },
      {
        "model": "vm virtualbox",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.1.8"
      },
      {
        "model": "small business series managed switches",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3000"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.3.1"
      },
      {
        "model": "rrdi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.0.6"
      },
      {
        "model": "telepresence system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "10006.1"
      },
      {
        "model": "telepresence isdn gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "32410"
      },
      {
        "model": "telepresence mcu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "edge digital media player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3000"
      },
      {
        "model": "series smart plus switches",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2200"
      },
      {
        "model": "enterprise manager ops center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "12.2.2"
      },
      {
        "model": "nexus series switches",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1000v0"
      },
      {
        "model": "tivoli storage productivity center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.5.1"
      },
      {
        "model": "rational insight",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.1.6"
      },
      {
        "model": "virtual security gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "rational insight",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.1.5"
      },
      {
        "model": "telepresence tx9000 series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "series digital media players",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "43000"
      },
      {
        "model": "telepresence system series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "30006.1"
      },
      {
        "model": "universal small cell series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "70003.4.2.0"
      },
      {
        "model": "unity connection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "security manager",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.13"
      },
      {
        "model": "ucs b-series blade servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2"
      },
      {
        "model": "ucs standalone c-series rack server integrated management cont",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "-0"
      },
      {
        "model": "telepresence integrator c series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "spectrum control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.9"
      },
      {
        "model": "security network controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.3381"
      },
      {
        "model": "enterprise content delivery system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.6.9"
      },
      {
        "model": "nexus series switches",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "60000"
      },
      {
        "model": "commerce experience manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.5.1"
      },
      {
        "model": "mds series multilayer switches 5.2.8",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9000"
      },
      {
        "model": "series digital media players 5.4.1 rb4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4300"
      },
      {
        "model": "ucs standalone c-series rack server integrated management cont",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "-3.0"
      },
      {
        "model": "ios and cisco ios xe software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "16.1"
      },
      {
        "model": "prime network",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence tx9000 series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.1"
      },
      {
        "model": "prime performance manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "smart net total care local collector appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "-0"
      },
      {
        "model": "prime collaboration provisioning",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "tivoli storage productivity center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.12"
      },
      {
        "model": "connected grid routers",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "15.8.9"
      },
      {
        "model": "network analysis module",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "commerce experience manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.5.2"
      },
      {
        "model": "nexus series fabric switches aci mode",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9000-0"
      },
      {
        "model": "prime performance manager sp1611",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.7"
      },
      {
        "model": "worklight consumer edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.1.0.1"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.12"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.22"
      },
      {
        "model": "unified ip phone 9.3 sr3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6901"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.16"
      },
      {
        "model": "telepresence server and mse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "701087100"
      },
      {
        "model": "mds series multilayer switches",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "90006.2.19"
      },
      {
        "model": "aironet series access points",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "270015.5(3)"
      },
      {
        "model": "spectrum control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.11"
      },
      {
        "model": "telepresence server on virtual machine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "webex meetings for android",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "nexus series switches 5.2.8",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5000"
      },
      {
        "model": "security network controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.3376"
      },
      {
        "model": "digital media manager 5.4.1 rb4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified workforce optimization quality management solution",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "-0"
      },
      {
        "model": "telepresence integrator c series tc7.3.7",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "tivoli provisioning manager for os deployment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1.3"
      },
      {
        "model": "spa122 analog telephone adapter with router",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.4.2"
      },
      {
        "model": "cloud object storage",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "sterling connect:express for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.4"
      },
      {
        "model": "rrdi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.0.1"
      },
      {
        "model": "worklight enterprise edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.1.0.2"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.14"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.3"
      },
      {
        "model": "unified intelligent contact management enterprise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "application and content networking system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "anyconnect secure mobility client for ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "ace application control engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "47100"
      },
      {
        "model": "oss support tools",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "8.15.17.3.14"
      },
      {
        "model": "anyconnect secure mobility client for mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "x0"
      },
      {
        "model": "commerce guided search",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.4.1.2"
      },
      {
        "model": "tivoli provisioning manager for images build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.1.20290.1"
      },
      {
        "model": "prime infrastructure plug and play standalone gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "virtual security gateway",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.1.6"
      },
      {
        "model": "nexus series switches",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "50006.2.19"
      },
      {
        "model": "telepresence conductor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "application policy infrastructure controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "jabber for mac",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "jabber for iphone and ipad",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.8"
      },
      {
        "model": "prime network registrar",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.0"
      },
      {
        "model": "primavera p6 enterprise project portfolio management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "16.2"
      },
      {
        "model": "worklight enterprise edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.1.0.1"
      },
      {
        "model": "telepresence video communication server",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "x8.8.3"
      },
      {
        "model": "tivoli storage productivity center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.4.1"
      },
      {
        "model": "series digital media players 5.4.1 rb4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4400"
      },
      {
        "model": "sterling connect:express for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.5.0"
      },
      {
        "model": "multicast manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "aironet series access points",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "270016.3"
      },
      {
        "model": "cognos business intelligence server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "10.2"
      },
      {
        "model": "anyconnect secure mobility client for ios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0.7"
      },
      {
        "model": "secure access control system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.8.0.32.8"
      },
      {
        "model": "webex node for mcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence mcu",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.5(1.89)"
      },
      {
        "model": "management appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "anyconnect secure mobility client for windows",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0.7"
      },
      {
        "model": "videoscape anyres live",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "video surveillance ptz ip cameras",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "video distribution suite for internet streaming",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.003(002)"
      },
      {
        "model": "telepresence server on multiparty media",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8204.4"
      },
      {
        "model": "telepresence serial gateway series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "tivoli storage productivity center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.3"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.400"
      },
      {
        "model": "unified ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "89610"
      },
      {
        "model": "expressway series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "x8.8.3"
      },
      {
        "model": "commerce guided search",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.3"
      },
      {
        "model": "prime network",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "431"
      },
      {
        "model": "aix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1"
      },
      {
        "model": "telepresence system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "500-320"
      },
      {
        "model": "unified attendant console enterprise edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "transportation management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.1"
      },
      {
        "model": "unified contact center express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.26"
      },
      {
        "model": "tivoli provisioning manager for os deployment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.1"
      },
      {
        "model": "network analysis module 6.2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "telepresence system ex series ce8.2.2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "prime data center network manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "mxe series media experience engines",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "35000"
      },
      {
        "model": "universal small cell cloudbase factory recovery root filesystem",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.17.3"
      },
      {
        "model": "videoscape control suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified communications manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "tandberg codian mse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "83200"
      },
      {
        "model": "ip series phones vpn feature",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8800-0"
      },
      {
        "model": "flex system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.3.3.0"
      },
      {
        "model": "mobilefirst platform foundation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.0.0.0"
      },
      {
        "model": "enterprise manager base platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "13.2.0.0"
      },
      {
        "model": "unified meetingplace 8.6mr1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "email gateway",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.406-3402.103"
      },
      {
        "model": "telepresence mx series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "tapi service provider",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "video surveillance series ip cameras",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "70002.9"
      },
      {
        "model": "telepresence system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "500-370"
      },
      {
        "model": "spa525g 5-line ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence profile series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "secure access control system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified ip conference phone for third-party call control 9.3 sr3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8831"
      },
      {
        "model": "unified ip series phones",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "79000"
      },
      {
        "model": "spa232d multi-line dect analog telephone adapter",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.4.2"
      },
      {
        "model": "nexus series fabric switches aci mode",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9000-0"
      },
      {
        "model": "tivoli storage productivity center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.6"
      },
      {
        "model": "visual quality experience tools server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "virtualization experience media edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "enterprise manager ops center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "12.3.2"
      },
      {
        "model": "emergency responder",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "email gateway 7.6.405h1157986",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "tivoli storage productivity center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.7"
      },
      {
        "model": "registered envelope service",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "universal small cell series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "70003.5.12.23"
      },
      {
        "model": "firesight system software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "webex meetings client hosted t32",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified meetingplace",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "security virtual server protection for vmware",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.1"
      },
      {
        "model": "unified contact center express",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.6"
      },
      {
        "model": "webex meetings server",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.6.1.30"
      },
      {
        "model": "tivoli provisioning manager for images system edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "x7.1.1.0"
      },
      {
        "model": "communications network charging and control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "4.4.1.5.0"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.402"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "93171"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004996"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7052"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-599"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:novell:suse_linux_enterprise_module_for_web_scripting:12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2i:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.1.2",
                "versionStartIncluding": "4.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.7.0",
                "versionStartIncluding": "6.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.6.0",
                "versionStartIncluding": "4.2.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-7052"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-599"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2016-7052",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-7052",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-7052",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-7052",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201609-599",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2016-7052",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2016-7052"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004996"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7052"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-599"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. OpenSSL is prone to denial-of-service vulnerability. \nAn attacker may exploit this issue to crash the affected application, resulting in a denial-of-service condition. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201612-16\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: OpenSSL: Multiple vulnerabilities\n     Date: December 07, 2016\n     Bugs: #581234, #585142, #585276, #591454, #592068, #592074,\n           #592082, #594500, #595186\n       ID: 201612-16\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, the worst of which\nallows attackers to conduct a time based side-channel attack. \n\nBackground\n==========\n\nOpenSSL is an Open Source toolkit implementing the Secure Sockets Layer\n(SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general\npurpose cryptography library. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  dev-libs/openssl             \u003c 1.0.2j                  \u003e= 1.0.2j\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe CVE identifiers and the International Association for Cryptologic\nResearch\u0027s (IACR) paper, \"Make Sure DSA Signing Exponentiations Really\nare Constant-Time\" for further details. Additionally, a time based side-channel\nattack may allow a local attacker to recover a private DSA key. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n  # emerge --sync\n   # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.2j\"\n\nReferences\n==========\n\n[  1 ] CVE-2016-2105\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105\n[  2 ] CVE-2016-2106\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106\n[  3 ] CVE-2016-2107\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107\n[  4 ] CVE-2016-2108\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108\n[  5 ] CVE-2016-2109\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109\n[  6 ] CVE-2016-2176\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176\n[  7 ] CVE-2016-2177\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177\n[  8 ] CVE-2016-2178\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178\n[  9 ] CVE-2016-2180\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180\n[ 10 ] CVE-2016-2183\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183\n[ 11 ] CVE-2016-6304\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304\n[ 12 ] CVE-2016-6305\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305\n[ 13 ] CVE-2016-6306\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306\n[ 14 ] CVE-2016-7052\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052\n[ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time\n       http://eprint.iacr.org/2016/594.pdf\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201612-16\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n[slackware-security]  openssl (SSA:2016-270-01)\n\nNew openssl packages are available for Slackware 14.2 and -current to\nfix a security issue. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.2j-i586-1_slack14.2.txz:  Upgraded. \n  This update fixes a security issue:\n  Missing CRL sanity check (CVE-2016-7052)\n  For more information, see:\n    https://www.openssl.org/news/secadv/20160926.txt\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7052\n  (* Security fix *)\npatches/packages/openssl-solibs-1.0.2j-i586-1_slack14.2.txz:  Upgraded. \n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project!  :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-1.0.2j-i586-1_slack14.2.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-solibs-1.0.2j-i586-1_slack14.2.txz\n\nUpdated packages for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-1.0.2j-x86_64-1_slack14.2.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-solibs-1.0.2j-x86_64-1_slack14.2.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.2j-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.2j-i586-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2j-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.2j-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.2 packages:\ncf3e90f91b35ee96f5a900e5f2ec8fd5  openssl-1.0.2j-i586-1_slack14.2.txz\n31cc46351fdd4c487f75abdbfcd696e7  openssl-solibs-1.0.2j-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 packages:\n333fd278752b5f04a805aeabd77f28c4  openssl-1.0.2j-x86_64-1_slack14.2.txz\n6b25daf23b1cfc59351308b9c11e830a  openssl-solibs-1.0.2j-x86_64-1_slack14.2.txz\n\nSlackware -current packages:\n98337bdfe00f04be784953fee5c023ca  a/openssl-solibs-1.0.2j-i586-1.txz\n3cd05a7ed655e7f51f652a31b9b908e7  n/openssl-1.0.2j-i586-1.txz\n\nSlackware x86_64 -current packages:\n6907d9a091ace959d8f04aa92cd7e5f6  a/openssl-solibs-1.0.2j-x86_64-1.txz\n4017d82d5c4c370ab6850a5d623d321a  n/openssl-1.0.2j-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.2j-i586-1_slack14.2.txz openssl-solibs-1.0.2j-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list:                          |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message:                                                     |\n|                                                                        |\n|   unsubscribe slackware-security                                       |\n|                                                                        |\n| You will get a confirmation message back containing instructions to    |\n| complete the process.  Please do not reply to this email address.      |\n+------------------------------------------------------------------------+\n-----BEGIN PGP SIGNATURE-----\n\niEYEARECAAYFAlfpZcsACgkQakRjwEAQIjPMMACbB1R3zcPgLf11KPr1jtmRE7PN\nBvgAnjd81wwT0k1DTOieELSStonzadsk\n=AuZJ\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-7052"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004996"
      },
      {
        "db": "BID",
        "id": "93171"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-7052"
      },
      {
        "db": "PACKETSTORM",
        "id": "140056"
      },
      {
        "db": "PACKETSTORM",
        "id": "138863"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-7052",
        "trust": 3.0
      },
      {
        "db": "BID",
        "id": "93171",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1036885",
        "trust": 1.7
      },
      {
        "db": "TENABLE",
        "id": "TNS-2016-16",
        "trust": 1.7
      },
      {
        "db": "TENABLE",
        "id": "TNS-2016-20",
        "trust": 1.7
      },
      {
        "db": "TENABLE",
        "id": "TNS-2016-19",
        "trust": 1.7
      },
      {
        "db": "MCAFEE",
        "id": "SB10171",
        "trust": 1.7
      },
      {
        "db": "JUNIPER",
        "id": "JSA10759",
        "trust": 1.7
      },
      {
        "db": "JVN",
        "id": "JVNVU99474230",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004996",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.0696",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.4645",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-599",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-7052",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "140056",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "138863",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2016-7052"
      },
      {
        "db": "BID",
        "id": "93171"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004996"
      },
      {
        "db": "PACKETSTORM",
        "id": "140056"
      },
      {
        "db": "PACKETSTORM",
        "id": "138863"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7052"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-599"
      }
    ]
  },
  "id": "VAR-201609-0481",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.3797576935714285
  },
  "last_update_date": "2023-12-18T11:18:09.171000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20160927-openssl",
        "trust": 0.8,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
      },
      {
        "title": "OpenSSL 1.0.2 Series Release Notes",
        "trust": 0.8,
        "url": "https://www.openssl.org/news/openssl-1.0.2-notes.html"
      },
      {
        "title": "Add some sanity checks when checking CRL scores",
        "trust": 0.8,
        "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=6e629b5be45face20b4ca71c4fcbfed78b864a2e"
      },
      {
        "title": "Missing CRL sanity check (CVE-2016-7052)",
        "trust": 0.8,
        "url": "https://www.openssl.org/news/secadv/20160926.txt"
      },
      {
        "title": "SUSE-SU-2016:2470",
        "trust": 0.8,
        "url": "https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
      },
      {
        "title": "Oracle Critical Patch Update Advisory - October 2016",
        "trust": 0.8,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
      },
      {
        "title": "OpenSSL Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=64377"
      },
      {
        "title": "The Register",
        "trust": 0.2,
        "url": "https://www.theregister.co.uk/2016/09/26/openssl_patches_last_weeks_patch/"
      },
      {
        "title": "Arch Linux Advisories: [ASA-201609-28] lib32-openssl: denial of service",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201609-28"
      },
      {
        "title": "Arch Linux Advisories: [ASA-201609-30] openssl: denial of service",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201609-30"
      },
      {
        "title": "Arch Linux Issues: ",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2016-7052"
      },
      {
        "title": "Red Hat: CVE-2016-7052",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-7052"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - January 2017",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300"
      },
      {
        "title": "Symantec Security Advisories: SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1e6dcaf5dac6ef96a7d917a8c1393040"
      },
      {
        "title": "Cisco: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160927-openssl"
      },
      {
        "title": "Tenable Security Advisories: [R7] Nessus 6.9 Fixes Multiple Vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-16"
      },
      {
        "title": "Tenable Security Advisories: [R6] SecurityCenter 5.4.1 Fixes Multiple Vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-19"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
      },
      {
        "title": "Tenable Security Advisories: [R3] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-20"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
      },
      {
        "title": "Forcepoint Security Advisories: CVE-2016-2180 to -2183, -6302 to -6309, -2179, -7052 OpenSSL Vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=a9dd8a175d084c7432b7ad47715ac50c"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2016-7052 "
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/openssl-fixes-critical-bug-introduced-by-latest-update/120851/"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2016-7052"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004996"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-599"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-476",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-Other",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004996"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7052"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "https://www.openssl.org/news/secadv/20160926.txt"
      },
      {
        "trust": 2.0,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
      },
      {
        "trust": 2.0,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
      },
      {
        "trust": 2.0,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
      },
      {
        "trust": 2.0,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.securityfocus.com/bid/93171"
      },
      {
        "trust": 1.8,
        "url": "https://security.gentoo.org/glsa/201612-16"
      },
      {
        "trust": 1.7,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
      },
      {
        "trust": 1.7,
        "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10171"
      },
      {
        "trust": 1.7,
        "url": "https://bto.bluecoat.com/security-advisory/sa132"
      },
      {
        "trust": 1.7,
        "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
      },
      {
        "trust": 1.7,
        "url": "https://www.tenable.com/security/tns-2016-16"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id/1036885"
      },
      {
        "trust": 1.7,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
      },
      {
        "trust": 1.7,
        "url": "https://www.tenable.com/security/tns-2016-20"
      },
      {
        "trust": 1.7,
        "url": "https://www.tenable.com/security/tns-2016-19"
      },
      {
        "trust": 1.7,
        "url": "https://security.freebsd.org/advisories/freebsd-sa-16:27.openssl.asc"
      },
      {
        "trust": 1.7,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
      },
      {
        "trust": 1.7,
        "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03856en_us"
      },
      {
        "trust": 1.1,
        "url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=6e629b5be45face20b4ca71c4fcbfed78b864a2e"
      },
      {
        "trust": 0.9,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7052"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu99474230/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7052"
      },
      {
        "trust": 0.6,
        "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=6e629b5be45face20b4ca71c4fcbfed78b864a2e"
      },
      {
        "trust": 0.6,
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914246-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.4645/"
      },
      {
        "trust": 0.3,
        "url": "http://openssl.org/"
      },
      {
        "trust": 0.3,
        "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory21.asc"
      },
      {
        "trust": 0.3,
        "url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-worklight-and-ibm-mobilefirst-platform-foundation-2/"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024394"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507"
      },
      {
        "trust": 0.3,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
      },
      {
        "trust": 0.3,
        "url": "https://kc.mcafee.com/resources/sites/mcafee/content/live/product_documentation/27000/pd27128/en_us/meg_7_6_406_3402_103_release_notes_en_us.pdf"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992898"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993061"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995129"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995392"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995393"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995691"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21996181"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-7052"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/476.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2016-7052"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://threatpost.com/openssl-fixes-critical-bug-introduced-by-latest-update/120851/"
      },
      {
        "trust": 0.1,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49228"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2105"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
      },
      {
        "trust": 0.1,
        "url": "https://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2183"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2107"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2178"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2176"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
      },
      {
        "trust": 0.1,
        "url": "http://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6304"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6305"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2106"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2108"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7052"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2109"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
      },
      {
        "trust": 0.1,
        "url": "http://eprint.iacr.org/2016/594.pdf"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2176"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2180"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2177"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6306"
      },
      {
        "trust": 0.1,
        "url": "http://slackware.com"
      },
      {
        "trust": 0.1,
        "url": "http://osuosl.org)"
      },
      {
        "trust": 0.1,
        "url": "http://slackware.com/gpg-key"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2016-7052"
      },
      {
        "db": "BID",
        "id": "93171"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004996"
      },
      {
        "db": "PACKETSTORM",
        "id": "140056"
      },
      {
        "db": "PACKETSTORM",
        "id": "138863"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7052"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-599"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2016-7052"
      },
      {
        "db": "BID",
        "id": "93171"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004996"
      },
      {
        "db": "PACKETSTORM",
        "id": "140056"
      },
      {
        "db": "PACKETSTORM",
        "id": "138863"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7052"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-599"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-09-26T00:00:00",
        "db": "VULMON",
        "id": "CVE-2016-7052"
      },
      {
        "date": "2016-09-26T00:00:00",
        "db": "BID",
        "id": "93171"
      },
      {
        "date": "2016-09-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-004996"
      },
      {
        "date": "2016-12-07T16:37:31",
        "db": "PACKETSTORM",
        "id": "140056"
      },
      {
        "date": "2016-09-26T23:23:00",
        "db": "PACKETSTORM",
        "id": "138863"
      },
      {
        "date": "2016-09-26T19:59:07.533000",
        "db": "NVD",
        "id": "CVE-2016-7052"
      },
      {
        "date": "2016-09-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201609-599"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-11-07T00:00:00",
        "db": "VULMON",
        "id": "CVE-2016-7052"
      },
      {
        "date": "2017-12-19T22:37:00",
        "db": "BID",
        "id": "93171"
      },
      {
        "date": "2016-12-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-004996"
      },
      {
        "date": "2023-11-07T02:34:13.277000",
        "db": "NVD",
        "id": "CVE-2016-7052"
      },
      {
        "date": "2022-08-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201609-599"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-599"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "OpenSSL of  crypto/x509/x509_vfy.c Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004996"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "code problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-599"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2016-7052

Vulnerability from cvelistv5

ghsa-9wm3-5vv7-j93j

Vulnerability from github

gsd-2016-7052

Vulnerability from gsd

var-201609-0481

Vulnerability from variot

Synopsis

Background

Affected packages

Description

Workaround

Resolution

References

Availability

Concerns?

License

upgradepkg openssl-1.0.2j-i586-1_slack14.2.txz openssl-solibs-1.0.2j-i586-1_slack14.2.txz

Tags

Sightings

Nomenclature