CVE-2023-20032 (GCVE-0-2023-20032)

Vulnerability from cvelistv5 – Published: 2023-02-16 15:24 – Updated: 2024-08-02 08:57
VLAI?
Summary
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code. This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition. For a description of this vulnerability, see the ClamAV blog ["https://blog.clamav.net/"].
Severity ?
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
Impacted products
Vendor Product Version
Cisco Cisco Secure Web Appliance Affected: 11.7.0-406
Affected: 11.7.0-418
Affected: 11.7.1-049
Affected: 11.7.1-006
Affected: 11.7.1-020
Affected: 11.7.2-011
Affected: 11.8.0-414
Affected: 11.8.1-023
Affected: 11.8.3-018
Affected: 11.8.3-021
Affected: 12.0.1-268
Affected: 12.0.3-007
Affected: 12.5.2-007
Affected: 12.5.1-011
Affected: 12.5.4-005
Affected: 12.5.5-004
Affected: 14.5.0-498
Affected: 14.0.3-014
Affected: 14.0.2-012
Create a notification for this product.
    Cisco Cisco Secure Endpoint Affected: 6.1.9
Affected: 6.2.5
Affected: 6.3.7
Affected: 6.3.3
Affected: 7.0.5
Affected: 7.1.1
Affected: 1.12.1
Affected: 1.12.2
Affected: 1.12.3
Affected: 1.12.7
Affected: 1.12.4
Affected: 1.11.0
Affected: 1.10.2
Affected: 1.10.0
Affected: 1.14.0
Affected: 1.6.0
Affected: 1.9.0
Affected: 1.8.1
Affected: 1.8.0
Affected: 1.7.0
Affected: 7.2.13
Affected: 7.3.5
Create a notification for this product.
    Cisco Cisco Secure Endpoint Private Cloud Administration Portal Affected: N/A
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.875Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-clamav-q8DThCy",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Secure Web Appliance",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "11.7.0-406"
            },
            {
              "status": "affected",
              "version": "11.7.0-418"
            },
            {
              "status": "affected",
              "version": "11.7.1-049"
            },
            {
              "status": "affected",
              "version": "11.7.1-006"
            },
            {
              "status": "affected",
              "version": "11.7.1-020"
            },
            {
              "status": "affected",
              "version": "11.7.2-011"
            },
            {
              "status": "affected",
              "version": "11.8.0-414"
            },
            {
              "status": "affected",
              "version": "11.8.1-023"
            },
            {
              "status": "affected",
              "version": "11.8.3-018"
            },
            {
              "status": "affected",
              "version": "11.8.3-021"
            },
            {
              "status": "affected",
              "version": "12.0.1-268"
            },
            {
              "status": "affected",
              "version": "12.0.3-007"
            },
            {
              "status": "affected",
              "version": "12.5.2-007"
            },
            {
              "status": "affected",
              "version": "12.5.1-011"
            },
            {
              "status": "affected",
              "version": "12.5.4-005"
            },
            {
              "status": "affected",
              "version": "12.5.5-004"
            },
            {
              "status": "affected",
              "version": "14.5.0-498"
            },
            {
              "status": "affected",
              "version": "14.0.3-014"
            },
            {
              "status": "affected",
              "version": "14.0.2-012"
            }
          ]
        },
        {
          "product": "Cisco Secure Endpoint",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.1.9"
            },
            {
              "status": "affected",
              "version": "6.2.5"
            },
            {
              "status": "affected",
              "version": "6.3.7"
            },
            {
              "status": "affected",
              "version": "6.3.3"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.1.1"
            },
            {
              "status": "affected",
              "version": "1.12.1"
            },
            {
              "status": "affected",
              "version": "1.12.2"
            },
            {
              "status": "affected",
              "version": "1.12.3"
            },
            {
              "status": "affected",
              "version": "1.12.7"
            },
            {
              "status": "affected",
              "version": "1.12.4"
            },
            {
              "status": "affected",
              "version": "1.11.0"
            },
            {
              "status": "affected",
              "version": "1.10.2"
            },
            {
              "status": "affected",
              "version": "1.10.0"
            },
            {
              "status": "affected",
              "version": "1.14.0"
            },
            {
              "status": "affected",
              "version": "1.6.0"
            },
            {
              "status": "affected",
              "version": "1.9.0"
            },
            {
              "status": "affected",
              "version": "1.8.1"
            },
            {
              "status": "affected",
              "version": "1.8.0"
            },
            {
              "status": "affected",
              "version": "1.7.0"
            },
            {
              "status": "affected",
              "version": "7.2.13"
            },
            {
              "status": "affected",
              "version": "7.3.5"
            }
          ]
        },
        {
          "product": "Cisco Secure Endpoint Private Cloud Administration Portal",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:\r\n\r \r A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code.\r\n\r \r This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition.\r\n\r For a description of this vulnerability, see the ClamAV blog [\"https://blog.clamav.net/\"]."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that a proof-of-concept is available that demonstrates that this vulnerability can be used to cause a buffer overflow and subsequent process termination.\r\n\r\nAdditional technical information is also available that describes this vulnerability in detail.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:34.558Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-clamav-q8DThCy",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy"
        }
      ],
      "source": {
        "advisory": "cisco-sa-clamav-q8DThCy",
        "defects": [
          "CSCwd74135",
          "CSCwd74134",
          "CSCwd74133",
          "CSCwe18204",
          "CSCwd74132"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20032",
    "datePublished": "2023-02-16T15:24:05.173Z",
    "dateReserved": "2022-10-27T18:47:50.315Z",
    "dateUpdated": "2024-08-02T08:57:35.875Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*\", \"versionEndExcluding\": \"1.20.2\", \"matchCriteriaId\": \"40572314-306A-4594-A279-216B8139B7A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*\", \"versionEndExcluding\": \"1.21.1\", \"matchCriteriaId\": \"726A787E-E64F-4906-9BAE-4F79EB530F1F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*\", \"versionEndExcluding\": \"7.5.9\", \"matchCriteriaId\": \"C4F63447-CA0E-43FC-8FF1-B4032D21E32A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*\", \"versionStartIncluding\": \"8.0.1.21160\", \"versionEndExcluding\": \"8.1.5\", \"matchCriteriaId\": \"D0FC45E7-C4AB-4AC5-87AB-0ED1508CCFF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_endpoint_private_cloud:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.6.0\", \"matchCriteriaId\": \"07BFC8FC-6CF0-49DA-B4ED-5B7936A4233E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:web_security_appliance:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"12.5.6\", \"matchCriteriaId\": \"2EFF7AB1-33C6-4627-9950-2F2E48BCCC7E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:web_security_appliance:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.0.0\", \"versionEndExcluding\": \"14.0.4-005\", \"matchCriteriaId\": \"A8361D69-981F-4F28-86F9-EFF202C9E537\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:web_security_appliance:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.5.0\", \"versionEndExcluding\": \"14.5.1-013\", \"matchCriteriaId\": \"CF6E494A-FCA7-4569-847D-2AA3C14C3E79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:web_security_appliance:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.0.0\", \"versionEndExcluding\": \"15.0.0-254\", \"matchCriteriaId\": \"BD8B1F66-9FD3-4970-BDA3-26241B18B4AA\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"0.103.7\", \"matchCriteriaId\": \"BDF08008-9C84-4075-8AB7-233209E4F3C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"0.104.0\", \"versionEndIncluding\": \"0.105.1\", \"matchCriteriaId\": \"14FA7424-A3E5-4F46-83F8-E9767330F1CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:1.0.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"A381BD3C-88E0-41FD-91E6-26BCF78B84CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:1.0.0:rc:*:*:*:*:*:*\", \"matchCriteriaId\": \"88BE0B1C-4515-40EA-ADDD-A04BF50743DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:1.0.0:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB00FEFE-F8A2-482D-A7EE-002DA4E10FF6\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.0.0\", \"versionEndExcluding\": \"3.7.35\", \"matchCriteriaId\": \"88CF061E-FFD8-48DE-887F-2119C916E2B4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.8.0\", \"versionEndExcluding\": \"3.11.23\", \"matchCriteriaId\": \"F499B698-4EB6-4262-BAF4-9BDE7F114805\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.3.0\", \"versionEndExcluding\": \"4.3.17\", \"matchCriteriaId\": \"40519377-ECDC-41E2-B6A6-7F601AC28ACD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.4.0\", \"versionEndExcluding\": \"4.6.4\", \"matchCriteriaId\": \"77BAC9BA-B215-490F-9202-617B1B4E7C8A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:\\r\\n\\r \\r A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code.\\r\\n\\r \\r This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition.\\r\\n\\r For a description of this vulnerability, see the ClamAV blog [\\\"https://blog.clamav.net/\\\"].\"}]",
      "id": "CVE-2023-20032",
      "lastModified": "2024-11-21T07:40:23.950",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}]}",
      "published": "2023-03-01T08:15:11.907",
      "references": "[{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-120\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-20032\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2023-03-01T08:15:11.907\",\"lastModified\":\"2024-11-21T07:40:23.950\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:\\r\\n\\r \\r A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code.\\r\\n\\r \\r This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition.\\r\\n\\r For a description of this vulnerability, see the ClamAV blog [\\\"https://blog.clamav.net/\\\"].\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*\",\"versionEndExcluding\":\"1.20.2\",\"matchCriteriaId\":\"40572314-306A-4594-A279-216B8139B7A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*\",\"versionEndExcluding\":\"1.21.1\",\"matchCriteriaId\":\"726A787E-E64F-4906-9BAE-4F79EB530F1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*\",\"versionEndExcluding\":\"7.5.9\",\"matchCriteriaId\":\"C4F63447-CA0E-43FC-8FF1-B4032D21E32A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*\",\"versionStartIncluding\":\"8.0.1.21160\",\"versionEndExcluding\":\"8.1.5\",\"matchCriteriaId\":\"D0FC45E7-C4AB-4AC5-87AB-0ED1508CCFF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_endpoint_private_cloud:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.6.0\",\"matchCriteriaId\":\"07BFC8FC-6CF0-49DA-B4ED-5B7936A4233E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:web_security_appliance:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"12.5.6\",\"matchCriteriaId\":\"2EFF7AB1-33C6-4627-9950-2F2E48BCCC7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:web_security_appliance:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndExcluding\":\"14.0.4-005\",\"matchCriteriaId\":\"A8361D69-981F-4F28-86F9-EFF202C9E537\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:web_security_appliance:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.5.0\",\"versionEndExcluding\":\"14.5.1-013\",\"matchCriteriaId\":\"CF6E494A-FCA7-4569-847D-2AA3C14C3E79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:web_security_appliance:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.0.0\",\"versionEndExcluding\":\"15.0.0-254\",\"matchCriteriaId\":\"BD8B1F66-9FD3-4970-BDA3-26241B18B4AA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.103.7\",\"matchCriteriaId\":\"BDF08008-9C84-4075-8AB7-233209E4F3C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"0.104.0\",\"versionEndIncluding\":\"0.105.1\",\"matchCriteriaId\":\"14FA7424-A3E5-4F46-83F8-E9767330F1CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:1.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A381BD3C-88E0-41FD-91E6-26BCF78B84CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:1.0.0:rc:*:*:*:*:*:*\",\"matchCriteriaId\":\"88BE0B1C-4515-40EA-ADDD-A04BF50743DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:1.0.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB00FEFE-F8A2-482D-A7EE-002DA4E10FF6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndExcluding\":\"3.7.35\",\"matchCriteriaId\":\"88CF061E-FFD8-48DE-887F-2119C916E2B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.8.0\",\"versionEndExcluding\":\"3.11.23\",\"matchCriteriaId\":\"F499B698-4EB6-4262-BAF4-9BDE7F114805\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.3.0\",\"versionEndExcluding\":\"4.3.17\",\"matchCriteriaId\":\"40519377-ECDC-41E2-B6A6-7F601AC28ACD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.4.0\",\"versionEndExcluding\":\"4.6.4\",\"matchCriteriaId\":\"77BAC9BA-B215-490F-9202-617B1B4E7C8A\"}]}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.