var-201311-0362
Vulnerability from variot
Multiple cross-site scripting (XSS) vulnerabilities in the (1) JavaDumpService and (2) DataCollector servlets in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. Since some unknown input related to the JavaDumpService servlet and the DataCollector servlet is not properly filtered before being returned to the user, the attacker can exploit the vulnerability to execute arbitrary HTML and script code in the user's browser session of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201311-0362",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": null,
"trust": 1.4,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.x"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "afafec56-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"db": "CNVD",
"id": "CNVD-2013-14602"
},
{
"db": "BID",
"id": "63788"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005195"
},
{
"db": "NVD",
"id": "CVE-2013-6816"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-287"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6816"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitry Evdokimov of ERPScan.",
"sources": [
{
"db": "BID",
"id": "63788"
}
],
"trust": 0.3
},
"cve": "CVE-2013-6816",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-6816",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2013-14588",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2013-14602",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "afafec56-1efc-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-6816",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-14588",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-14602",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201311-287",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "afafec56-1efc-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "afafec56-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"db": "CNVD",
"id": "CNVD-2013-14602"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005195"
},
{
"db": "NVD",
"id": "CVE-2013-6816"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-287"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple cross-site scripting (XSS) vulnerabilities in the (1) JavaDumpService and (2) DataCollector servlets in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. Since some unknown input related to the JavaDumpService servlet and the DataCollector servlet is not properly filtered before being returned to the user, the attacker can exploit the vulnerability to execute arbitrary HTML and script code in the user\u0027s browser session of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6816"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005195"
},
{
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"db": "CNVD",
"id": "CNVD-2013-14602"
},
{
"db": "BID",
"id": "63788"
},
{
"db": "IVD",
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "afafec56-1efc-11e6-abef-000c29c66e3d"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-6816",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "55777",
"trust": 2.8
},
{
"db": "BID",
"id": "63788",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-14588",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2013-14602",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201311-287",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005195",
"trust": 0.8
},
{
"db": "IVD",
"id": "DADD0DDC-1EFC-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "AFAFEC56-1EFC-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "afafec56-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"db": "CNVD",
"id": "CNVD-2013-14602"
},
{
"db": "BID",
"id": "63788"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005195"
},
{
"db": "NVD",
"id": "CVE-2013-6816"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-287"
}
]
},
"id": "VAR-201311-0362",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "afafec56-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"db": "CNVD",
"id": "CNVD-2013-14602"
}
],
"trust": 1.87111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.6
}
],
"sources": [
{
"db": "IVD",
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "afafec56-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"db": "CNVD",
"id": "CNVD-2013-14602"
}
]
},
"last_update_date": "2023-12-18T13:39:58.835000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "Patch for SAP Netweaver DataCollector and JavaDumpService Servlets Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/41194"
},
{
"title": "Patches for multiple cross-site scripting vulnerabilities in SAP Netweaver DataCollector and JavaDumpService Servlets",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/41225"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"db": "CNVD",
"id": "CNVD-2013-14602"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005195"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005195"
},
{
"db": "NVD",
"id": "CVE-2013-6816"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://secunia.com/advisories/55777"
},
{
"trust": 2.2,
"url": "https://service.sap.com/sap/support/notes/1828801"
},
{
"trust": 2.0,
"url": "http://erpscan.com/advisories/erpscan-13-018-sap-netweaver-servlet-javadumpservice-multiple-xss/"
},
{
"trust": 2.0,
"url": "http://erpscan.com/advisories/erpscan-13-019-sap-netweaver-servlet-datacollector-multiple-xss/"
},
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-13-018-sap-netweaver-servlet-javadumpservice-multiple-xss/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-13-019-sap-netweaver-servlet-datacollector-multiple-xss/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6816"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6816"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/55777/"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"db": "CNVD",
"id": "CNVD-2013-14602"
},
{
"db": "BID",
"id": "63788"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005195"
},
{
"db": "NVD",
"id": "CVE-2013-6816"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-287"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "afafec56-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"db": "CNVD",
"id": "CNVD-2013-14602"
},
{
"db": "BID",
"id": "63788"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005195"
},
{
"db": "NVD",
"id": "CVE-2013-6816"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-287"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-21T00:00:00",
"db": "IVD",
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d"
},
{
"date": "2013-11-22T00:00:00",
"db": "IVD",
"id": "afafec56-1efc-11e6-abef-000c29c66e3d"
},
{
"date": "2013-11-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14602"
},
{
"date": "2013-10-30T00:00:00",
"db": "BID",
"id": "63788"
},
{
"date": "2013-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005195"
},
{
"date": "2013-11-20T14:12:30.930000",
"db": "NVD",
"id": "CVE-2013-6816"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-287"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14602"
},
{
"date": "2013-11-21T00:27:00",
"db": "BID",
"id": "63788"
},
{
"date": "2013-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005195"
},
{
"date": "2018-12-10T19:29:01.437000",
"db": "NVD",
"id": "CVE-2013-6816"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-287"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-287"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of JavaDumpService and DataCollector Servlet cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005195"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-287"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.