FKIE_CVE-2011-1926

Vulnerability from fkie_nvd - Published: 2011-05-23 22:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
References
secalert@redhat.comhttp://bugzilla.cyrusimap.org/show_bug.cgi?id=3423Patch
secalert@redhat.comhttp://bugzilla.cyrusimap.org/show_bug.cgi?id=3424Patch
secalert@redhat.comhttp://git.cyrusimap.org/cyrus-imapd/patch/?id=523a91a5e86c8b9a27a138f04a3e3f2d8786f162Patch
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-June/061374.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-June/061415.html
secalert@redhat.comhttp://openwall.com/lists/oss-security/2011/05/17/15Patch
secalert@redhat.comhttp://openwall.com/lists/oss-security/2011/05/17/2Patch
secalert@redhat.comhttp://secunia.com/advisories/44670
secalert@redhat.comhttp://secunia.com/advisories/44876
secalert@redhat.comhttp://secunia.com/advisories/44913
secalert@redhat.comhttp://secunia.com/advisories/44928
secalert@redhat.comhttp://www.cyrusimap.org/docs/cyrus-imapd/2.4.7/changes.php
secalert@redhat.comhttp://www.debian.org/security/2011/dsa-2242
secalert@redhat.comhttp://www.debian.org/security/2011/dsa-2258
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/555316US Government Resource
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:100
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2011-0859.html
secalert@redhat.comhttp://www.securitytracker.com/id?1025625
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=705288Patch
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/67867
af854a3a-2127-422b-91ae-364da2661108http://bugzilla.cyrusimap.org/show_bug.cgi?id=3423Patch
af854a3a-2127-422b-91ae-364da2661108http://bugzilla.cyrusimap.org/show_bug.cgi?id=3424Patch
af854a3a-2127-422b-91ae-364da2661108http://git.cyrusimap.org/cyrus-imapd/patch/?id=523a91a5e86c8b9a27a138f04a3e3f2d8786f162Patch
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061374.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061415.html
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/05/17/15Patch
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/05/17/2Patch
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/44670
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/44876
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/44913
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/44928
af854a3a-2127-422b-91ae-364da2661108http://www.cyrusimap.org/docs/cyrus-imapd/2.4.7/changes.php
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2011/dsa-2242
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2011/dsa-2258
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/555316US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:100
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2011-0859.html
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1025625
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=705288Patch
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/67867
Impacted products
Vendor Product Version
cmu cyrus_imap_server *
cmu cyrus_imap_server 2.0.17
cmu cyrus_imap_server 2.1.16
cmu cyrus_imap_server 2.1.17
cmu cyrus_imap_server 2.1.18
cmu cyrus_imap_server 2.2.8
cmu cyrus_imap_server 2.2.9
cmu cyrus_imap_server 2.2.10
cmu cyrus_imap_server 2.2.11
cmu cyrus_imap_server 2.2.12
cmu cyrus_imap_server 2.2.13
cmu cyrus_imap_server 2.2.13p1
cmu cyrus_imap_server 2.3.0
cmu cyrus_imap_server 2.3.1
cmu cyrus_imap_server 2.3.2
cmu cyrus_imap_server 2.3.3
cmu cyrus_imap_server 2.3.4
cmu cyrus_imap_server 2.3.5
cmu cyrus_imap_server 2.3.6
cmu cyrus_imap_server 2.3.7
cmu cyrus_imap_server 2.3.8
cmu cyrus_imap_server 2.3.9
cmu cyrus_imap_server 2.3.10
cmu cyrus_imap_server 2.3.11
cmu cyrus_imap_server 2.3.12
cmu cyrus_imap_server 2.3.13
cmu cyrus_imap_server 2.3.14
cmu cyrus_imap_server 2.3.15
cmu cyrus_imap_server 2.3.16
cmu cyrus_imap_server 2.4.0
cmu cyrus_imap_server 2.4.1
cmu cyrus_imap_server 2.4.2
cmu cyrus_imap_server 2.4.3
cmu cyrus_imap_server 2.4.4
cmu cyrus_imap_server 2.4.5
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE4D079C-54C9-436C-BEFA-2134295ABC3A",
              "versionEndIncluding": "2.4.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "99D7C5A6-45E7-4BAA-B233-CCAB159C51A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "21700E30-2236-4E51-86B9-E95447CA6048",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "A42C288D-A01A-49B7-B940-5D02708E945D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB432DB6-FFE9-42E3-B579-6AD992EDFD4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F9BFB2-5A7C-4CA2-BB82-67D1591DD018",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FCAD991-48BF-4A68-A94C-13B6168AD4E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "641EB6FF-302A-445D-9E63-AE1AF2ADB817",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "4916C646-E5E4-41E5-B095-D2F11E9F5991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D9D6F66-9DFF-4325-A1C2-D4B09FFE7C7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE067B25-86BF-4607-9988-F7564478805A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.2.13p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E736ECCF-2303-4910-AE53-2AA251CAD405",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C680C0F-355D-43D0-9D0F-C4FC7D9C4303",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "36E2F9C1-7356-4110-A07B-A7B9DD02BFB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08E9F2C5-71B2-4E49-9AC1-C5C99C13323D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A0D47EC-F7E7-43F5-858C-9E2491142BB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E65CF58D-6B31-42A8-9CE1-8FFACA8D0529",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D308745F-8054-41D5-83C7-0F01F064FD68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "209A797E-AD60-4A8B-9F91-D5FA441F56B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "71641B1E-FCBA-4D22-9E1D-63557048A4AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70C4DE0-0B02-4A9C-85A6-E33037A72679",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "25696C00-BFC6-4071-9B72-45B4A96E13EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BA183F1-A60F-4285-9938-762107FFD4DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "439424BC-AEEC-40A2-A57C-9EC87E11EA8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E86725A-ECDB-4B62-9FC7-728082201D87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E010BE-DA06-4FF3-8882-0DCA01F18B6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "507FD8BF-2387-4745-A15F-FC7389D02695",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DDF7EE8-D71E-4DC8-B5A2-53029B213F67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C92EF3C-1728-44F2-B71E-0A7FA03EDDE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33DA20A2-D525-4804-BD10-CE6CBB7F119D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26BA8C3F-3909-4572-8E8B-B95F0AF728E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F1176CD-C6DB-45D5-91BD-194C40259A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6DCA14F-1BE5-4E7B-9B52-F1F33249AAE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C5A89D3-AD15-4881-AC42-71459BC75685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E65F7347-D66B-4560-99FB-4DD0E3364FF4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a \"plaintext command injection\" attack, a similar issue to CVE-2011-0411."
    },
    {
      "lang": "es",
      "value": "La implementaci\u00f3n STARTTLS en Cyrus IMAP Server anterior a v2.4.7 no restringe adecuadamente el b\u00fafer de Entrada/Salida, lo que permite ataques \"man-in-the-middle\" para insertar comandos en sesiones cifradas enviando un comando en texto claro que se procesa despu\u00e9s de TLS en su lugar, relacionado con un ataque \"inyecci\u00f3n de comandos de texto claro\", una tarea similar a CVE-2011-0411."
    }
  ],
  "id": "CVE-2011-1926",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-05-23T22:55:01.490",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3423"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3424"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://git.cyrusimap.org/cyrus-imapd/patch/?id=523a91a5e86c8b9a27a138f04a3e3f2d8786f162"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061374.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061415.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2011/05/17/15"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2011/05/17/2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/44670"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/44876"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/44913"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/44928"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.cyrusimap.org/docs/cyrus-imapd/2.4.7/changes.php"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2011/dsa-2242"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2011/dsa-2258"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/555316"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:100"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0859.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1025625"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=705288"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3423"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3424"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://git.cyrusimap.org/cyrus-imapd/patch/?id=523a91a5e86c8b9a27a138f04a3e3f2d8786f162"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061374.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061415.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2011/05/17/15"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2011/05/17/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/44670"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/44876"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/44913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/44928"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cyrusimap.org/docs/cyrus-imapd/2.4.7/changes.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2011/dsa-2242"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2011/dsa-2258"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/555316"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:100"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0859.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1025625"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=705288"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67867"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.