ICSA-21-138-01
Vulnerability from csaf_cisa - Published: 2021-05-18 00:00 - Updated: 2021-05-18 00:00Summary
ICSA-21-138-01_Emerson Rosemount X-STREAM
Notes
CISA Disclaimer: This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Summary: Emerson reported these vulnerabilities to CISA.
Exploitability: No known public exploits specifically target these vulnerabilities.
7.5 (High)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
X-STREAM enhanced XEGP: all revisions
Emerson / X-STREAM enhanced XEGP
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
|
|
X-STREAM enhanced XEGK: all revisions
Emerson / X-STREAM enhanced XEGK
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
|
|
X-STREAM enhanced XEXF: all revisions
Emerson / X-STREAM enhanced XEXF
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
|
|
X-STREAM enhanced XEFD: all revisions
Emerson / X-STREAM enhanced XEFD
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
7.1 (High)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
X-STREAM enhanced XEGP: all revisions
Emerson / X-STREAM enhanced XEGP
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
|
|
X-STREAM enhanced XEGK: all revisions
Emerson / X-STREAM enhanced XEGK
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
|
|
X-STREAM enhanced XEXF: all revisions
Emerson / X-STREAM enhanced XEXF
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
|
|
X-STREAM enhanced XEFD: all revisions
Emerson / X-STREAM enhanced XEFD
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
7.5 (High)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
X-STREAM enhanced XEGP: all revisions
Emerson / X-STREAM enhanced XEGP
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
|
|
X-STREAM enhanced XEGK: all revisions
Emerson / X-STREAM enhanced XEGK
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
|
|
X-STREAM enhanced XEXF: all revisions
Emerson / X-STREAM enhanced XEXF
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
|
|
X-STREAM enhanced XEFD: all revisions
Emerson / X-STREAM enhanced XEFD
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
5.3 (Medium)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
X-STREAM enhanced XEGP: all revisions
Emerson / X-STREAM enhanced XEGP
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
|
|
X-STREAM enhanced XEGK: all revisions
Emerson / X-STREAM enhanced XEGK
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
|
|
X-STREAM enhanced XEXF: all revisions
Emerson / X-STREAM enhanced XEXF
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
|
|
X-STREAM enhanced XEFD: all revisions
Emerson / X-STREAM enhanced XEFD
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
5.3 (Medium)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
X-STREAM enhanced XEGP: all revisions
Emerson / X-STREAM enhanced XEGP
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
|
|
X-STREAM enhanced XEGK: all revisions
Emerson / X-STREAM enhanced XEGK
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
|
|
X-STREAM enhanced XEXF: all revisions
Emerson / X-STREAM enhanced XEXF
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
|
|
X-STREAM enhanced XEFD: all revisions
Emerson / X-STREAM enhanced XEFD
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
5.4 (Medium)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
X-STREAM enhanced XEGP: all revisions
Emerson / X-STREAM enhanced XEGP
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
|
|
X-STREAM enhanced XEGK: all revisions
Emerson / X-STREAM enhanced XEGK
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
|
|
X-STREAM enhanced XEXF: all revisions
Emerson / X-STREAM enhanced XEXF
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
|
|
X-STREAM enhanced XEFD: all revisions
Emerson / X-STREAM enhanced XEFD
|
vers:all/* |
Mitigation
Mitigation
fix
Mitigation
|
References
7 references
Acknowledgments
Emerson
{
"document": {
"acknowledgments": [
{
"organization": "Emerson",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "summary",
"text": "Emerson reported these vulnerabilities to CISA.",
"title": "Summary"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "CISAservicedesk@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-21-138-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-138-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-138-01 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-138-01"
}
],
"title": "ICSA-21-138-01_Emerson Rosemount X-STREAM",
"tracking": {
"current_release_date": "2021-05-18T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA USCert CSAF Generator",
"version": "1"
}
},
"id": "ICSA-21-138-01",
"initial_release_date": "2021-05-18T00:00:00.000000Z",
"revision_history": [
{
"date": "2021-05-18T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-21-138-01 Emerson Rosemount X Stream "
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "X-STREAM enhanced XEGP: all revisions",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "X-STREAM enhanced XEGP"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "X-STREAM enhanced XEGK: all revisions",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "X-STREAM enhanced XEGK"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "X-STREAM enhanced XEXF: all revisions",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "X-STREAM enhanced XEXF"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "X-STREAM enhanced XEFD: all revisions",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "X-STREAM enhanced XEFD"
}
],
"category": "vendor",
"name": "Emerson"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-27457",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "summary",
"text": "The affected products utilize a weak encryption algorithm for storage of sensitive data, which may allow an attacker to more easily obtain credentials used for access.CVE-2021-27457 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Emerson recommends users update the firmware of the affected products. A new release that addresses the issues identified in this cybersecurity notification impacting the affected products is available. For information on how to obtain the update, contact TechSupport.Hasselroth@emerson.com",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "In addition, Emerson recommends users of affected products continue to utilize current cybersecurity industry best practices and ensure the affected products are connected to a well-protected network and properly segmented from the Internet. For more information see the Emerson Security notifications page.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.emerson.com/en-us/support/security-notifications"
},
{
"category": "mitigation",
"details": "One of the cybersecurity best practices should include configuring web browsers to prohibit storage of user information such as login names and passwords.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
],
"title": "CVE-2021-27457"
},
{
"cve": "CVE-2021-27459",
"cwe": {
"id": "CWE-434",
"name": "Unrestricted Upload of File with Dangerous Type"
},
"notes": [
{
"category": "summary",
"text": "The webserver of the affected products allows unvalidated files to be uploaded, which an attacker could utilize to execute arbitrary code.CVE-2021-27459 has been assigned to this vulnerability. A CVSS v3 base score of 7.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Emerson recommends users update the firmware of the affected products. A new release that addresses the issues identified in this cybersecurity notification impacting the affected products is available. For information on how to obtain the update, contact TechSupport.Hasselroth@emerson.com",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "In addition, Emerson recommends users of affected products continue to utilize current cybersecurity industry best practices and ensure the affected products are connected to a well-protected network and properly segmented from the Internet. For more information see the Emerson Security notifications page.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.emerson.com/en-us/support/security-notifications"
},
{
"category": "mitigation",
"details": "One of the cybersecurity best practices should include configuring web browsers to prohibit storage of user information such as login names and passwords.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
],
"title": "CVE-2021-27459"
},
{
"cve": "CVE-2021-27461",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The affected webserver applications allow access to stored data that can be obtained by using specially crafted URLs. CVE-2021-27461 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Emerson recommends users update the firmware of the affected products. A new release that addresses the issues identified in this cybersecurity notification impacting the affected products is available. For information on how to obtain the update, contact TechSupport.Hasselroth@emerson.com",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "In addition, Emerson recommends users of affected products continue to utilize current cybersecurity industry best practices and ensure the affected products are connected to a well-protected network and properly segmented from the Internet. For more information see the Emerson Security notifications page.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.emerson.com/en-us/support/security-notifications"
},
{
"category": "mitigation",
"details": "One of the cybersecurity best practices should include configuring web browsers to prohibit storage of user information such as login names and passwords.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
],
"title": "CVE-2021-27461"
},
{
"cve": "CVE-2021-27463",
"cwe": {
"id": "CWE-539",
"name": "Use of Persistent Cookies Containing Sensitive Information"
},
"notes": [
{
"category": "summary",
"text": "The affected applications utilize persistent cookies where the session cookie attribute is not properly invalidated, allowing an attacker to intercept the cookies and gain access to sensitive information. CVE-2021-27463 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Emerson recommends users update the firmware of the affected products. A new release that addresses the issues identified in this cybersecurity notification impacting the affected products is available. For information on how to obtain the update, contact TechSupport.Hasselroth@emerson.com",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "In addition, Emerson recommends users of affected products continue to utilize current cybersecurity industry best practices and ensure the affected products are connected to a well-protected network and properly segmented from the Internet. For more information see the Emerson Security notifications page.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.emerson.com/en-us/support/security-notifications"
},
{
"category": "mitigation",
"details": "One of the cybersecurity best practices should include configuring web browsers to prohibit storage of user information such as login names and passwords.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
],
"title": "CVE-2021-27463"
},
{
"cve": "CVE-2021-27465",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The affected applications do not validate webpage input, which could allow an attacker to inject arbitrary HTML code into a webpage. This would allow an attacker to modify the page and display incorrect or undesirable data.CVE-2021-27465 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Emerson recommends users update the firmware of the affected products. A new release that addresses the issues identified in this cybersecurity notification impacting the affected products is available. For information on how to obtain the update, contact TechSupport.Hasselroth@emerson.com",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "In addition, Emerson recommends users of affected products continue to utilize current cybersecurity industry best practices and ensure the affected products are connected to a well-protected network and properly segmented from the Internet. For more information see the Emerson Security notifications page.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.emerson.com/en-us/support/security-notifications"
},
{
"category": "mitigation",
"details": "One of the cybersecurity best practices should include configuring web browsers to prohibit storage of user information such as login names and passwords.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
],
"title": "CVE-2021-27465"
},
{
"cve": "CVE-2021-27467",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"notes": [
{
"category": "summary",
"text": "The affected product \u0027s web interface allows an attacker to route click or keystroke to another page provided by the attacker to gain unauthorized access to sensitive information.CVE-2021-27467 has been assigned to this vulnerability. A CVSS v3 base score of 5.4 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Emerson recommends users update the firmware of the affected products. A new release that addresses the issues identified in this cybersecurity notification impacting the affected products is available. For information on how to obtain the update, contact TechSupport.Hasselroth@emerson.com",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "In addition, Emerson recommends users of affected products continue to utilize current cybersecurity industry best practices and ensure the affected products are connected to a well-protected network and properly segmented from the Internet. For more information see the Emerson Security notifications page.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.emerson.com/en-us/support/security-notifications"
},
{
"category": "mitigation",
"details": "One of the cybersecurity best practices should include configuring web browsers to prohibit storage of user information such as login names and passwords.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
],
"title": "CVE-2021-27467"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…