var-201501-0436
Vulnerability from variot
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message. OpenSSL is prone to a security-bypass vulnerability. Successfully exploiting these issues may allow attackers to perform unauthorized actions. This may lead to other attacks. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04604357
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04604357 Version: 1
HPSBGN03299 rev.1 - HP IceWall SSO Dfw, SSO Certd, MCRP, and Federation Agent running OpenSSL, Remote Disclosure of Information, Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-03-19 Last Updated: 2015-03-19
Potential Security Impact: Remote disclosure of information, unauthorized access
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP IceWall SSO Dfw, SSO Certd, MCRP, and Federation Agent running OpenSSL including:
The SSL vulnerability known as "FREAK", which could be exploited remotely to allow disclosure of information. Other vulnerabilities which could be exploited remotely resulting in unauthorized access.
References:
CVE-2014-3570 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 SSRT101987
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. CVE-2014-3572 and CVE-2015-0204
HP IceWall MCRP Version 2.1 and 3.0
HP IceWall SSO Dfw Version 8.0, 8.0 R1, 8.0 R2, 8.0 R3, and Version 10.0
HP IceWall SSO Certd Version 8.0R3 with DB plugin patch 2 and Version
10.0 HP IceWall Federation Agent Version 3.0
CVE-2014-3570 and CVE-2014-8275
HP IceWall MCRP v2.1, v3.0
HP IceWall SSO Dfw v8.0, v8.0 R1, v8.0 R2, v8.0 R3, and v10.0
HP IceWall SSO Agent v8.0 and v8.0 2007 Update Release 2
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-3570 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2014-3572 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2014-8275 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-0204 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP recommends the following software updates and workaround instructions to resolve the vulnerabilities for HP IceWall SSO Dfw, SSO Certd, MCRP, and Federation Agent. IceWall SSO Dfw 10.0 and Certd 10.0, which are running on RHEL, could be using either the OS bundled OpenSSL library or the OpenSSL bundled with HP IceWall. If still using the OpenSSL bundled with HP IceWall, please switch to the OpenSSL library bundled with the OS, and then follow the instructions in step 3.
Documents are available at the following location with instructions to
switch to the OS bundled OpenSSL library:
http://www.hp.com/jp/icewall_patchaccess
2. For IceWall SSO Dfw and Certd for SSO Dfw 8.0, 8.0 R1, 8.0 R2, 8.0 R3,
and SSO Certd 8.0 R3 with DB plugin patch 2, which bundle OpenSSL, please download the updated OpenSSL at the following location:
http://www.hp.com/jp/icewall_patchaccess
3. For HP IceWall products running on RHEL and are using the OS bundled
OpenSSL, RHEL has provided patch or mitigation instructions at the following location:
https://access.redhat.com/articles/1369543
Note: For RHEL6 (only) and CVE-2014-8275, please apply the RHEL6 patch
for OpenSSL from the following location:
https://access.redhat.com/security/cve/CVE-2014-8275
4. For IceWall products running on HP-UX which are using the OS bundled
OpenSSL, please apply the HP-UX OpenSSL update from the following location:
https://h20392.www2.hp.com/portal/swdepot/displayInstallInfo.do?produ
ctNumber=OPENSSL11I
WORKAROUND INSTRUCTIONS
HP recommends the following information to protect against potential risk from CVE-2014-3572 and CVE-2015-0204 for the following HP IceWall products.
HP IceWall SSO Dfw and MCRP
- If possible, do not use the SHOST setting which allows IceWall SSO
Dfw or MCRP to use SSL/TLS protocol to back-end web servers.
- If possible, do not use EXPORT-grade ciphers on the back-end web
servers.
HP IceWall SSO Certd (version 10.0 and 8.0R3 applied DB plugin patch
release 2)
- If possible, do not use the LDAPSSL setting which allows IceWall SSO
Certd to connect to the LDAP server using SSL/TLS protocol.
- If possible, do not use EXPORT-grade ciphers on the LDAP server.
IceWall Federation Agent
- If possible, use "bindings:HTTP-POST" instead of
"bindings:HTTP-Artifact" setting in the service provider meta file. The "bindings:HTTP-POST" setting would disable IWFA to use SSL for communicating with IdP server.
Note: The HP IceWall product is only available in Japan.
HISTORY Version:1 (rev.1) - 19 March 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
Softpaq: http://ftp.hp.com/pub/softpaq/sp70501-71000/sp70649.exe
Easy Update Via ThinPro / EasyUpdate (x86):
http://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all- 4.1-4.3-x86.xar
http://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all- 4.1-4.3-x86.xar
http://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all- 4.1-4.3-x86.xar
http://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.1-all- 4.4-x86.xar
http://ftp.hp.com/pub/tcdebian/updates/5.0/service_packs/security-sp-2.1-all- 5.0-5.1-x86.xar
http://ftp.hp.com/pub/tcdebian/updates/5.1/service_packs/security-sp-2.1-all- 5.0-5.1-x86.xar
Via ThinPro / EasyUpdate (ARM):
http://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all- 4.1-4.3-armel.xar
http://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all- 4.1-4.3-armel.xar
http://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all- 4.1-4.3-armel.xar
http://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.0-all- 4.4-armel.xar
Note: Known issue on security-sp-2.0-all-4.1-4.3-arm.xar: With the patch applied, VMware cannot connect if security level is set to "Refuse insecure connections". Updating VMware to the latest package on ftp.hp.com will solve the problem.
The updated packages have been upgraded to the 1.0.0p version where these security flaws has been fixed.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570 https://www.openssl.org/news/secadv_20150108.txt
Updated Packages:
Mandriva Business Server 1/X86_64: 08baba1b5ee61bdd0bfbcf81d465f154 mbs1/x86_64/lib64openssl1.0.0-1.0.0p-1.mbs1.x86_64.rpm 51198a2b577e182d10ad72d28b67288e mbs1/x86_64/lib64openssl-devel-1.0.0p-1.mbs1.x86_64.rpm aa34fd335001d83bc71810d6c0b14e85 mbs1/x86_64/lib64openssl-engines1.0.0-1.0.0p-1.mbs1.x86_64.rpm c8b6fdaba18364b315e78761a5aa0c1c mbs1/x86_64/lib64openssl-static-devel-1.0.0p-1.mbs1.x86_64.rpm fc67f3da9fcd1077128845ce85be93e2 mbs1/x86_64/openssl-1.0.0p-1.mbs1.x86_64.rpm ab8f672de2bf2f0f412034f89624aa32 mbs1/SRPMS/openssl-1.0.0p-1.mbs1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
iD8DBQFUr+PRmqjQ0CJFipgRAtFXAJ46+q0aetnJkb6I9RuYmX5xFeGx9wCgt1rb LHbCdAkBpYHYSuaUwpiAu1w= =ePa9 -----END PGP SIGNATURE----- . Please order the latest version of the HP Matrix Operating Environment 7.5.0 DVD #2 ISO from the following location:
http://www.hp.com/go/insightupdates
Choose the orange Select button. This presents the HP Insight Management Media order page. Choose Insight Management 7.5 DVD-2-ZIP August 2015 from the Software specification list. Fill out the rest of the form and submit it.
HP has addressed these vulnerabilities for the affected software components bundled with the HP Matrix Operating Environment in the following HP Security Bulletins. OpenSSL Security Advisory [08 Jan 2015] =======================================
DTLS segmentation fault in dtls1_get_record (CVE-2014-3571)
Severity: Moderate
A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p. OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 22nd October 2014 by Markus Stenberg of Cisco Systems, Inc. The fix was developed by Stephen Henson of the OpenSSL core team.
DTLS memory leak in dtls1_buffer_record (CVE-2015-0206)
Severity: Moderate
A memory leak can occur in the dtls1_buffer_record function under certain conditions. In particular this could occur if an attacker sent repeated DTLS records with the same sequence number but for the next epoch. The memory leak could be exploited by an attacker in a Denial of Service attack through memory exhaustion.
This issue affects OpenSSL versions: 1.0.1 and 1.0.0.
OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p.
This issue was reported to OpenSSL on 7th January 2015 by Chris Mueller who also provided an initial patch. Further analysis was performed by Matt Caswell of the OpenSSL development team, who also developed the final patch.
no-ssl3 configuration sets method to NULL (CVE-2014-3569)
Severity: Low
When openssl is built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl method would be set to NULL which could later result in a NULL pointer dereference.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 17th October 2014 by Frank Schmirler. The fix was developed by Kurt Roeckx.
ECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)
Severity: Low
An OpenSSL client will accept a handshake using an ephemeral ECDH ciphersuite using an ECDSA certificate if the server key exchange message is omitted. This effectively removes forward secrecy from the ciphersuite.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team.
RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)
Severity: Low
An OpenSSL client will accept the use of an RSA temporary key in a non-export RSA key exchange ciphersuite. A server could present a weak temporary key and downgrade the security of the session.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team.
DH client certificates accepted without verification [Server] (CVE-2015-0205)
Severity: Low
An OpenSSL server will accept a DH certificate for client authentication without the certificate verify message. This effectively allows a client to authenticate without the use of a private key. This only affects servers which trust a client certificate authority which issues certificates containing DH keys: these are extremely rare and hardly ever encountered.
This issue affects OpenSSL versions: 1.0.1 and 1.0.0.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p.
This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team.
Certificate fingerprints can be modified (CVE-2014-8275)
Severity: Low
OpenSSL accepts several non-DER-variations of certificate signature algorithm and signature encodings. OpenSSL also does not enforce a match between the signature algorithm between the signed and unsigned portions of the certificate. By modifying the contents of the signature algorithm or the encoding of the signature, it is possible to change the certificate's fingerprint.
This does not allow an attacker to forge certificates, and does not affect certificate verification or OpenSSL servers/clients in any other way. It also does not affect common revocation mechanisms. Only custom applications that rely on the uniqueness of the fingerprint (e.g. certificate blacklists) may be affected.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
One variant of this issue was discovered by Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS program and reported to OpenSSL on 1st December 2014 by NCSC-FI Vulnerability Co-ordination. Another variant was independently reported to OpenSSL on 12th December 2014 by Konrad Kraszewski from Google. Further analysis was conducted and fixes were developed by Stephen Henson of the OpenSSL core team.
Bignum squaring may produce incorrect results (CVE-2014-3570)
Severity: Low
Bignum squaring (BN_sqr) may produce incorrect results on some platforms, including x86_64. This bug occurs at random with a very low probability, and is not known to be exploitable in any way, though its exact impact is difficult to determine. The following has been determined:
) The probability of BN_sqr producing an incorrect result at random is very low: 1/2^64 on the single affected 32-bit platform (MIPS) and 1/2^128 on affected 64-bit platforms. ) On most platforms, RSA follows a different code path and RSA operations are not affected at all. For the remaining platforms (e.g. OpenSSL built without assembly support), pre-existing countermeasures thwart bug attacks [1]. ) Static ECDH is theoretically affected: it is possible to construct elliptic curve points that would falsely appear to be on the given curve. However, there is no known computationally feasible way to construct such points with low order, and so the security of static ECDH private keys is believed to be unaffected. ) Other routines known to be theoretically affected are modular exponentiation, primality testing, DSA, RSA blinding, JPAKE and SRP. No exploits are known and straightforward bug attacks fail - either the attacker cannot control when the bug triggers, or no private key material is involved.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 2nd November 2014 by Pieter Wuille (Blockstream) who also suggested an initial fix. Further analysis was conducted by the OpenSSL development team and Adam Langley of Google. The final fix was developed by Andy Polyakov of the OpenSSL core team.
[1] http://css.csail.mit.edu/6.858/2013/readings/rsa-bug-attacks.pdf
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions 1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these releases will be provided after that date. Users of these releases are advised to upgrade.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20150108.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: openssl security update Advisory ID: RHSA-2015:0066-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0066.html Issue date: 2015-01-20 Updated on: 2015-01-21 CVE Names: CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 =====================================================================
- Summary:
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols, as well as a full-strength, general purpose cryptography library.
A NULL pointer dereference flaw was found in the DTLS implementation of OpenSSL. A remote attacker could send a specially crafted DTLS message, which would cause an OpenSSL server to crash. A remote attacker could send multiple specially crafted DTLS messages to exhaust all available memory of a DTLS server. This flaw could possibly affect certain OpenSSL library functionality, such as RSA blinding. (CVE-2014-3570)
It was discovered that OpenSSL would perform an ECDH key exchange with a non-ephemeral key even when the ephemeral ECDH cipher suite was selected. An attacker could use these flaws to modify an X.509 certificate to produce a certificate with a different fingerprint without invalidating its signature, and possibly bypass fingerprint-based blacklisting in applications. (CVE-2015-0205)
All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to mitigate the above issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1180184 - CVE-2015-0204 openssl: Only allow ephemeral RSA keys in export ciphersuites 1180185 - CVE-2014-3572 openssl: ECDH downgrade bug fix 1180187 - CVE-2014-8275 openssl: Fix various certificate fingerprint issues 1180234 - CVE-2014-3571 openssl: DTLS segmentation fault in dtls1_get_record 1180235 - CVE-2015-0206 openssl: DTLS memory leak in dtls1_buffer_record 1180239 - CVE-2015-0205 openssl: DH client certificates accepted without verification 1180240 - CVE-2014-3570 openssl: Bignum squaring may produce incorrect results
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl-1.0.1e-30.el6_6.5.src.rpm
i386: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm
x86_64: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm openssl-perl-1.0.1e-30.el6_6.5.i686.rpm openssl-static-1.0.1e-30.el6_6.5.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-static-1.0.1e-30.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl-1.0.1e-30.el6_6.5.src.rpm
x86_64: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-static-1.0.1e-30.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl-1.0.1e-30.el6_6.5.src.rpm
i386: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm
ppc64: openssl-1.0.1e-30.el6_6.5.ppc.rpm openssl-1.0.1e-30.el6_6.5.ppc64.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.ppc.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.ppc64.rpm openssl-devel-1.0.1e-30.el6_6.5.ppc.rpm openssl-devel-1.0.1e-30.el6_6.5.ppc64.rpm
s390x: openssl-1.0.1e-30.el6_6.5.s390.rpm openssl-1.0.1e-30.el6_6.5.s390x.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.s390.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.s390x.rpm openssl-devel-1.0.1e-30.el6_6.5.s390.rpm openssl-devel-1.0.1e-30.el6_6.5.s390x.rpm
x86_64: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-perl-1.0.1e-30.el6_6.5.i686.rpm openssl-static-1.0.1e-30.el6_6.5.i686.rpm
ppc64: openssl-debuginfo-1.0.1e-30.el6_6.5.ppc64.rpm openssl-perl-1.0.1e-30.el6_6.5.ppc64.rpm openssl-static-1.0.1e-30.el6_6.5.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-30.el6_6.5.s390x.rpm openssl-perl-1.0.1e-30.el6_6.5.s390x.rpm openssl-static-1.0.1e-30.el6_6.5.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-static-1.0.1e-30.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl-1.0.1e-30.el6_6.5.src.rpm
i386: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm
x86_64: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-perl-1.0.1e-30.el6_6.5.i686.rpm openssl-static-1.0.1e-30.el6_6.5.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-static-1.0.1e-30.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-34.el7_0.7.src.rpm
x86_64: openssl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.7.i686.rpm openssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.7.i686.rpm openssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-static-1.0.1e-34.el7_0.7.i686.rpm openssl-static-1.0.1e-34.el7_0.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-34.el7_0.7.src.rpm
x86_64: openssl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.7.i686.rpm openssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.7.i686.rpm openssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-static-1.0.1e-34.el7_0.7.i686.rpm openssl-static-1.0.1e-34.el7_0.7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-34.el7_0.7.src.rpm
ppc64: openssl-1.0.1e-34.el7_0.7.ppc64.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.ppc.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.ppc64.rpm openssl-devel-1.0.1e-34.el7_0.7.ppc.rpm openssl-devel-1.0.1e-34.el7_0.7.ppc64.rpm openssl-libs-1.0.1e-34.el7_0.7.ppc.rpm openssl-libs-1.0.1e-34.el7_0.7.ppc64.rpm
s390x: openssl-1.0.1e-34.el7_0.7.s390x.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.s390.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.s390x.rpm openssl-devel-1.0.1e-34.el7_0.7.s390.rpm openssl-devel-1.0.1e-34.el7_0.7.s390x.rpm openssl-libs-1.0.1e-34.el7_0.7.s390.rpm openssl-libs-1.0.1e-34.el7_0.7.s390x.rpm
x86_64: openssl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.7.i686.rpm openssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.7.i686.rpm openssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-34.el7_0.7.ppc.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.ppc64.rpm openssl-perl-1.0.1e-34.el7_0.7.ppc64.rpm openssl-static-1.0.1e-34.el7_0.7.ppc.rpm openssl-static-1.0.1e-34.el7_0.7.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-34.el7_0.7.s390.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.s390x.rpm openssl-perl-1.0.1e-34.el7_0.7.s390x.rpm openssl-static-1.0.1e-34.el7_0.7.s390.rpm openssl-static-1.0.1e-34.el7_0.7.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-static-1.0.1e-34.el7_0.7.i686.rpm openssl-static-1.0.1e-34.el7_0.7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-34.el7_0.7.src.rpm
x86_64: openssl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.7.i686.rpm openssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.7.i686.rpm openssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-static-1.0.1e-34.el7_0.7.i686.rpm openssl-static-1.0.1e-34.el7_0.7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-3570 https://access.redhat.com/security/cve/CVE-2014-3571 https://access.redhat.com/security/cve/CVE-2014-3572 https://access.redhat.com/security/cve/CVE-2014-8275 https://access.redhat.com/security/cve/CVE-2015-0204 https://access.redhat.com/security/cve/CVE-2015-0205 https://access.redhat.com/security/cve/CVE-2015-0206 https://access.redhat.com/security/updates/classification/#moderate https://www.openssl.org/news/secadv_20150108.txt
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFUwCWMXlSAg2UNWIIRAioBAJ4/RjG4OGXzCwg+PJJWNqyvahe3rQCeNE+X ENFobdxQdJ+gVAiRe8Qf54A= =wyAg -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201501-0436", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "powerlinux 7r2", "scope": "eq", "trust": 1.2, "vendor": "ibm", "version": "0" }, { "model": "communications core session manager", "scope": "eq", "trust": 1.1, "vendor": "oracle", "version": "7.3.5" }, { "model": "communications core session manager", "scope": "eq", "trust": 1.1, "vendor": "oracle", "version": "7.2.5" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0d" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0m" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0n" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0o" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0h" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1b" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0a" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1g" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0j" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0g" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0b" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1e" }, { "model": "openssl", "scope": "lte", "trust": 1.0, "vendor": "openssl", "version": "0.9.8zc" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1h" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1j" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1a" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1c" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1f" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0f" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0e" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0i" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0c" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1d" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1i" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0l" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0k" }, { "model": "power", "scope": "eq", "trust": 0.9, "vendor": "ibm", "version": "7200" }, { "model": "power", "scope": "eq", "trust": 0.9, "vendor": "ibm", "version": "7700" }, { "model": "power", "scope": "eq", "trust": 0.9, "vendor": "ibm", "version": "7800" }, { "model": "power", "scope": "eq", "trust": 0.9, "vendor": "ibm", "version": "7100" }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(arm) 4.1" }, { "model": "sparc enterprise m3000 server", "scope": null, "trust": 0.8, "vendor": "oracle", "version": null }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(arm) 4.3" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "10.9.5" }, { "model": "sparc enterprise m5000 server", "scope": null, "trust": 0.8, "vendor": "oracle", "version": null }, { "model": "hp icewall sso", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "agent 8.0" }, { "model": "sparc enterprise m9000 server", "scope": null, "trust": 0.8, "vendor": "oracle", "version": null }, { "model": "hp icewall sso", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "dfw 8.0" }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(x86) 4.2" }, { "model": "xcp", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "2260" }, { "model": "sparc enterprise m4000 server", "scope": null, "trust": 0.8, "vendor": "oracle", "version": null }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(x86) 5.0" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "10.8.5" }, { "model": "virtualization", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "of oracle secure global desktop 4.63" }, { "model": "fusion middleware", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "of oracle mobile security suite mss 3.0" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "11.2" }, { "model": "virtualization", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "of oracle secure global desktop 4.71" }, { "model": "hp icewall sso", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "agent 8.0 2007 update release 2" }, { "model": "hp icewall sso", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "dfw 8.0 r3" }, { "model": "openssl", "scope": "eq", "trust": 0.8, "vendor": "openssl", "version": "1.0.0p" }, { "model": "hp icewall sso", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "dfw 8.0 r2" }, { "model": "hp icewall mcrp", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "3.0" }, { "model": "openssl", "scope": "lt", "trust": 0.8, "vendor": "openssl", "version": "1.0.1" }, { "model": "xcp", "scope": "lt", "trust": 0.8, "vendor": "oracle", "version": "(sparc enterprise m3000/m4000/m5000/m8000/m9000 server )" }, { "model": "openssl", "scope": "lt", "trust": 0.8, "vendor": "openssl", "version": "1.0.0" }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(x86) 4.1" }, { "model": "mysql", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "5.6.22 and earlier" }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(x86) 4.4" }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(arm) 4.4" }, { "model": "hp icewall sso", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "dfw 8.0 r1" }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(arm) 4.2" }, { "model": "hp icewall sso", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "dfw 10.0" }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(x86) 4.3" }, { "model": "xcp", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "1120" }, { "model": "hp thinpro linux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "(x86) 5.1" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "10.10 to 10.10.2" }, { "model": "openssl", "scope": "eq", "trust": 0.8, "vendor": "openssl", "version": "1.0.1k" }, { "model": "hp icewall mcrp", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "2.1" }, { "model": "xcp", "scope": "lt", "trust": 0.8, "vendor": "oracle", "version": "(fujitsu m10-1/m10-4/m10-4s server )" }, { "model": "sparc enterprise m8000 server", "scope": null, "trust": 0.8, "vendor": "oracle", "version": null }, { "model": "virtualization", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "of oracle secure global desktop 5.1" }, { "model": "power", "scope": "eq", "trust": 0.6, "vendor": "ibm", "version": "7400" }, { "model": "power express", "scope": "eq", "trust": 0.6, "vendor": "ibm", "version": "5200" }, { "model": "paging server", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "0" }, { "model": "power", "scope": "eq", "trust": 0.6, "vendor": "ibm", "version": "5700" }, { "model": "power", "scope": "eq", "trust": 0.6, "vendor": "ibm", "version": "7300" }, { "model": "powerlinux 7r1", "scope": "eq", "trust": 0.6, "vendor": "ibm", "version": "0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.6, "vendor": "hp", "version": "7.4" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.1" }, { "model": "cognos controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1" }, { "model": "websphere mq", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.1" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.2.0.5" }, { "model": "mate collector", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "ata series analog terminal adaptor", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1900" }, { "model": "power", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7600" }, { "model": "flex system en2092 1gb ethernet scalable switch", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.8.60" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.3.1" }, { "model": "enterprise", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.0" }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.5" }, { "model": "power system s822", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "0" }, { "model": "bladecenter advanced management module 25r5778", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.10.186" }, { "model": "video surveillance series ip cameras", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "30000" }, { "model": "telepresence server on virtual machine", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.1" }, { "model": "bladecenter -s", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1948" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "783.00" }, { "model": "power express f/c", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5205635" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2.6" }, { "model": "upward integration modules scvmm add-in", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "1.0.3" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.2" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.0" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "740.80" }, { "model": "websphere mq", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "flex system p270 compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "(7954-24x)0" }, { "model": "project openssl 0.9.8f", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "as infinity", "scope": "eq", "trust": 0.3, "vendor": "pexip", "version": "6" }, { "model": "power systems e870", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "0" }, { "model": "sbr carrier", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x22025850" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "4.4" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "350.50" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.4.1.3" }, { "model": "mysql server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6" }, { "model": "project openssl 1.0.0d", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "system m3 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x355042540" }, { "model": "nexus series switches", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "90000" }, { "model": "project openssl 1.0.1e", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "idataplex dx360 m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "79120" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.2" }, { "model": "insight orchestration", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.8.780" }, { "model": "project openssl 0.9.8u", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0" }, { "model": "tandberg codian isdn gw", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "32400" }, { "model": "project openssl 1.0.1a", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl b", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.2.2" }, { "model": "telepresence mcu", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "85100" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "(x86)4.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.2" }, { "model": "ip interoperability and collaboration system", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "project openssl k", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "project openssl 1.0.0p", "scope": "ne", "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "edge digital media player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3400" }, { "model": "systems insight manager 7.3.0a", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "flex system p260 compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "(7895-23x)0" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.0.0" }, { "model": "project openssl 1.0.0g", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "hunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.1" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "junos os 13.3r6", "scope": "ne", "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "tivoli netcool/reporter", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37006.4.19" }, { "model": "telepresence server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "70104.1" }, { "model": "prime security manager 04.8 qa08", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "740.70" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "810.21" }, { "model": "ns oncommand core package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.0.7" }, { "model": "cognos business intelligence server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1.1" }, { "model": "cognos planning interim fix", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "10.1.1.4" }, { "model": "enterprise", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.2" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.1.3" }, { "model": "sametime", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0.0.1" }, { "model": "project openssl 0.9.8zb", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.7" }, { "model": "netscaler t1", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.0-68" }, { "model": "prime license manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "splunk", "scope": "ne", "trust": 0.3, "vendor": "splunk", "version": "6.1.7" }, { "model": "system m2 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x355041980" }, { "model": "power systems 350.c0", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1.0.842" }, { "model": "workflow for bluemix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "0" }, { "model": "power", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5750" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "app for netapp data ontap", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "0" }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0.1" }, { "model": "flex system manager node types", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "79550" }, { "model": "filenet system monitor", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.3.0.870" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.2-77" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "telepresence te software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "-0" }, { "model": "linux enterprise software development kit sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "real-time compression appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.9.1.11" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x350073830" }, { "model": "as infinity", "scope": "eq", "trust": 0.3, "vendor": "pexip", "version": "7" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.1" }, { "model": "prime network registrar", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.2.2.2" }, { "model": "network configuration and change management service", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "systems insight manager sp2", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "4.2" }, { "model": "prime collaboration assurance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0.0.840" }, { "model": "data ontap smi-s agent", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2" }, { "model": "systems insight manager sp1", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.0" }, { "model": "telepresence content server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37001.1" }, { "model": "tandberg codian mse model", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "83200" }, { "model": "local collector appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.2.8" }, { "model": "power system s814", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.2.77" }, { "model": "project openssl 0.9.8w", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x310025820" }, { "model": "as infinity", "scope": "eq", "trust": 0.3, "vendor": "pexip", "version": "1" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "780.21" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.4" }, { "model": "service delivery manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.1" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "5.0.2" }, { "model": "tivoli workload scheduler for applications", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.4" }, { "model": "flex system fabric cn4093 10gb converged scalable switch", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.8.60" }, { "model": "data ontap operating in 7-mode", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.2.3" }, { "model": "flex system fabric en4093r 10gb scalable switch", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.8.6.0" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.1.0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.0" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "740.40" }, { "model": "project openssl 1.0.0m", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "power systems 350.b1", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.4.1.8" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2.27" }, { "model": "cognos planning interim fix", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "10.12" }, { "model": "business server", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "1" }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x24087380" }, { "model": "project openssl 1.0.1g", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "power systems 350.e0", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.0" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "project openssl 0.9.8m", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "prime lan management solution", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "flex system fabric en4093r 10gb scalable switch", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.8.10.0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.2" }, { "model": "project openssl j", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "770.21" }, { "model": "wide area application services", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "alienvault", "scope": "ne", "trust": 0.3, "vendor": "alienvault", "version": "4.15.1" }, { "model": "command center appliance", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "0" }, { "model": "splunk", "scope": "ne", "trust": 0.3, "vendor": "splunk", "version": "5.0.12" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0.96" }, { "model": "flashsystem 9848-ae1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v840" }, { "model": "project openssl 1.0.1k", "scope": "ne", "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.2.4" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50001.1" }, { "model": "bladecenter -t", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8720" }, { "model": "tivoli common reporting", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1.1.2" }, { "model": "cognos business intelligence server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.2.1" }, { "model": "power systems 350.e1", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "media services interface", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "ctpview", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.6.156" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.2.0" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "810.00" }, { "model": "netscaler gateway", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "0" }, { "model": "project openssl 1.0.1i", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.12" }, { "model": "unified attendant console advanced", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "alienvault", "scope": "eq", "trust": 0.3, "vendor": "alienvault", "version": "4.13" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.2.0.8" }, { "model": "proactive network operations center", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "tivoli provisioning manager for os deployment", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1" }, { "model": "initiate master data service", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "8.1" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "(x86)4.3" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.10" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.6" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "1.0" }, { "model": "sterling connect:express for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4.6" }, { "model": "ns oncommand core package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "14.10" }, { "model": "alienvault", "scope": "eq", "trust": 0.3, "vendor": "alienvault", "version": "4.12" }, { "model": "system management homepage c", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.10.186" }, { "model": "jabber for android", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "cognos business intelligence server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.4.1" }, { "model": "system m3 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x365079450" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.0.5" }, { "model": "enterprise content delivery service", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "adaptive security appliance software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.4(7.26)" }, { "model": "real-time compression appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.8.0.10" }, { "model": "bladecenter -s", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8886" }, { "model": "unified sip proxy", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70006.4.19" }, { "model": "telepresence advanced media gateway series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "data ontap operating in 7-mode", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.1.4" }, { "model": "unified attendant console premium edition", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "tandberg codian isdn gw", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "32100" }, { "model": "cognos business intelligence server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "tivoli workload scheduler distributed fp03", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.6.0" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5.2" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70006.4" }, { "model": "project openssl 0.9.8r", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "initiate master data service provider hub", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.7" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.3" }, { "model": "tivoli workload scheduler distributed", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1" }, { "model": "app for stream", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "0" }, { "model": "firesight system software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "5.4.1.2" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.1" }, { "model": "power systems 350.a0", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "project openssl 0.9.8n", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.14" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.1.1" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.2" }, { "model": "virtual connect enterprise manager sdk", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.1.6" }, { "model": "systems insight manager sp5", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.0" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.2.0.3" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.0.3" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2.0.820" }, { "model": "sametime", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.2.1" }, { "model": "adaptive security appliance software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "9.1(5.106)" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.2.0.3" }, { "model": "project openssl 0.9.8y", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "upward integration modules for microsoft system center", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.5.3" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35006.4.1.8" }, { "model": "systems insight manager sp1", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.1" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70006.4.1.8" }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x22079060" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70006.1" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.0.11" }, { "model": "upward integration modules hardware management pack", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5.2" }, { "model": "as infinity", "scope": "eq", "trust": 0.3, "vendor": "pexip", "version": "5" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50006.4" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.0.2" }, { "model": "system type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x3850x638370" }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x88042590" }, { "model": "project openssl 1.0.0l", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0.1" }, { "model": "netscaler application delivery controller", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "0" }, { "model": "wireless lan controller", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "upward integration modules integrated installer", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5.2" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.1" }, { "model": "bladecenter -e", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7967" }, { "model": "dx360 m4 water cooled type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "79180" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.0.1" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "5.0.11" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.3" }, { "model": "initiate master data service patient hub", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.5" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "5.0.9" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "13.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.3" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.68" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "350.00" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "810.02" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1.0.102" }, { "model": "tivoli workload scheduler distributed", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.4" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.4" }, { "model": "anyres live", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.3.4" }, { "model": "project openssl 0.9.8p", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "770.22" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.1" }, { "model": "application policy infrastructure controller 1.0", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2.1.830" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "820.03" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0" }, { "model": "bladecenter -h", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8852" }, { "model": "unified attendant console business edition", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "nextscale nx360 m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "54550" }, { "model": "bladecenter -ht", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8750" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5.1" }, { "model": "power express f/c", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5205577" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.15-210" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "5.0.1" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.0.13" }, { "model": "system type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x3950x571451.43" }, { "model": "tandberg codian isdn gw", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "32200" }, { "model": "10g vfsm for bladecenter", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.8.6.0" }, { "model": "linux ia-64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.2" }, { "model": "initiate master data service", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.2" }, { "model": "system m3 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x365042550" }, { "model": "tivoli common reporting", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.1.0.2" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.0.7" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2.9.1" }, { "model": "jabber video for telepresence", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37006.1" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.3.2" }, { "model": "system type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x3690x571910" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1.0-103" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.12.201" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "740.16" }, { "model": "proventia network enterprise scanner", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0.0.95" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.1.4" }, { "model": "cognos business intelligence server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.2.11" }, { "model": "prime network registrar", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.1.3.3" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.7.770" }, { "model": "prime collaboration deployment", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "740.81" }, { "model": "dx series ip phones", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0.0-95" }, { "model": "virtualization experience media engine", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.0.6" }, { "model": "tivoli workload scheduler distributed fp05", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1" }, { "model": "tivoli workload scheduler distributed fp01", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.0" }, { "model": "project openssl 0.9.8za", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.2.0.8" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.4" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.2" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "780.00" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.1" }, { "model": "ace30 application control engine module 3.0 a5", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "junos os 12.3r10", "scope": "ne", "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "unified computing system b-series servers", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "project openssl 0.9.8q", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "sterling connect:express for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.5.0.11" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0.0.96" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x365079150" }, { "model": "system type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x3690x571480" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.1.0.6" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "5.0.6" }, { "model": "data ontap operating in 7-mode", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3.7" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "(x86)4.1" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.1.5" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.2.127" }, { "model": "jabber software development kit", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "740.50" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.10.800" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "5.0" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.0.8" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.0.3" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.2" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.3" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1" }, { "model": "ip office server edition", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "9.0" }, { "model": "firesight system software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "5.4.0.2" }, { "model": "initiate master data service", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "cms r17 r4", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "mysql server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.21" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x375087220" }, { "model": "project openssl 1.0.1c", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.0.4" }, { "model": "system m3 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x350073800" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "740.60" }, { "model": "bladecenter -e", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1881" }, { "model": "powerlinux 7r4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "0" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8v" }, { "model": "flex system fabric si4093 system interconnect module", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.8.4.0" }, { "model": "project openssl 1.0.1f", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.1-73" }, { "model": "infosphere balanced warehouse c4000", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "infosphere master data management patient hub", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "10.0" }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.4.1" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.1.4" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.8.780" }, { "model": "power systems 350.b0", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "system idataplex dx360 m3 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x63910" }, { "model": "tivoli provisioning manager for images", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.0" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.0.1" }, { "model": "upward integration modules scvmm add-in", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.2" }, { "model": "service delivery manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.4" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.0.5" }, { "model": "sametime", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0.0.0" }, { "model": "identity service engine", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "project openssl 0.9.8g", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "mysql server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.15" }, { "model": "cms r17", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "virtual connect enterprise manager sdk", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4.1" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.0" }, { "model": "wag310g residential gateway", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.5" }, { "model": "power ese", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.0-14" }, { "model": "hunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.0" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "infosphere master data management", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "11.4" }, { "model": "system type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x3690x571460" }, { "model": "sametime community server hf1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9" }, { "model": "system type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x3950x571431.43" }, { "model": "as infinity", "scope": "ne", "trust": 0.3, "vendor": "pexip", "version": "8.1" }, { "model": "cognos controller if1", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "10.1.1.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.10.2" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "820.02" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.15" }, { "model": "data ontap operating in 7-mode", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.2.2" }, { "model": "initiate master data service", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.5" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "740.00" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "810.11" }, { "model": "project openssl 1.0.0o", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3.1.7" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "tivoli workload scheduler for applications fp02", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.4" }, { "model": "rational software architect", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.1" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2.0.860" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.2" }, { "model": "linux enterprise server for vmware sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "linux enterprise server sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "system management homepage b", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.5.146" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.6" }, { "model": "application policy infrastructure controller", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.1(0.625)" }, { "model": "bladecenter -s", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7779" }, { "model": "agent desktop", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "10.0(2)" }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x88079030" }, { "model": "upward integration modules for vmware vsphere", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "3.5.3" }, { "model": "sametime community server limited use", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9" }, { "model": "flex system en2092 1gb ethernet scalable switch", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.8.4.0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.3.0.870" }, { "model": "flex system p260 compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "(7895-22x)0" }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x24087370" }, { "model": "system type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x3690x571470" }, { "model": "snapdrive for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2.2" }, { "model": "system management homepage b", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.2.77" }, { "model": "onepk all-in-one vm", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "linux mips", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "jabber voice for android", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.3" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "5.0.10" }, { "model": "hp-ux b.11.11", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "alienvault", "scope": "eq", "trust": 0.3, "vendor": "alienvault", "version": "4.12.1" }, { "model": "idp", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "power express f/c", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "52056340" }, { "model": "ctpos 7.0r4", "scope": "ne", "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "aura conferencing", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "8.0" }, { "model": "unified attendant console department edition", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0.0.840" }, { "model": "system management homepage a", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.11.197" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4.1" }, { "model": "prime data center network manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "initiate master data service", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.14" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.8" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70006.3" }, { "model": "power system s824l", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "0" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.1" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.15210" }, { "model": "network performance analytics", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "splunk", "scope": "ne", "trust": 0.3, "vendor": "splunk", "version": "6.0.8" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.64" }, { "model": "system m2 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x365041990" }, { "model": "system m4 hd type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x365054600" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.0.0" }, { "model": "rational software architect for websphere software", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.1" }, { "model": "flex system interconnect fabric", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "0" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "350.80" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "350.30" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "(x86)5.0" }, { "model": "infosphere master data management provider hub", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "10.0" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2.8" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.1.0" }, { "model": "hunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.2" }, { "model": "tivoli provisioning manager for os deployment", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.116" }, { "model": "rational software architect for websphere software", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "power express", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "560" }, { "model": "project openssl 0.9.8l", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "10g vfsm for bladecenter", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.1.1" }, { "model": "version control repository manager 7.4.0a", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "power 795", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "0" }, { "model": "junos space", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.3.740" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.20" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.1" }, { "model": "flex system fabric si4093 system interconnect module", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.8.10.0" }, { "model": "video surveillance series ip cameras", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "70000" }, { "model": "virtual connect enterprise manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0" }, { "model": "project openssl h", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "systems insight manager update", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.31" }, { "model": "ddos secure", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "system management homepage 7.4.0a", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.0.6" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "770.51" }, { "model": "telepresence server on multiparty media", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3204.1" }, { "model": "ip office server edition", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "8.1" }, { "model": "flashsystem 9846-ae1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v840" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3" }, { "model": "video surveillance series ip cameras", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "60000" }, { "model": "system type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x3950x571430" }, { "model": "project openssl i", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "system idataplex dx360 m2 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x73210" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "740.21" }, { "model": "one-x client enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "cms r17 r3", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x22279160" }, { "model": "1:10g switch for bladecenter", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.4.10.0" }, { "model": "project openssl 1.0.0i", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "power system s822l", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "0" }, { "model": "system type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x3690x571450" }, { "model": "power express f/c", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5504667" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4.1" }, { "model": "hp-ux b.11.23", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "770.10" }, { "model": "power express f/c", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5205587" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2" }, { "model": "project openssl 0.9.8zd", "scope": "ne", "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "system idataplex dx360 m2 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x63800" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3.1" }, { "model": "ringmaster appliance", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "350.60" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5" }, { "model": "cognos planning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1.1" }, { "model": "systems insight manager sp2", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.2" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.4.19" }, { "model": "tivoli workload scheduler for applications", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.6" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.2.0.5" }, { "model": "ctpview 7.1r1", "scope": "ne", "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35006.1" }, { "model": "cognos business intelligence server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.2.2" }, { "model": "cognos controller interim fix", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "10.2.0.1" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.13" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "770.41" }, { "model": "flex system fabric cn4093 10gb converged scalable switch", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.8.4.0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0" }, { "model": "flex system en2092 1gb ethernet scalable switch", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.8.10.0" }, { "model": "unified ip conference phone", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "88310" }, { "model": "project openssl 1.0.0e", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "bladecenter js22", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "(7998-61x)0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3" }, { "model": "clustered data ontap", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.2" }, { "model": "tivoli common reporting", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.1.0.1" }, { "model": "project openssl a", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "enterprise", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "5.0" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "vgw", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.3.0.5" }, { "model": "business server", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "1x8664" }, { "model": "virtual connect enterprise manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2" }, { "model": "business process manager advanced", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.6" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "780.20" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.4" }, { "model": "infosphere balanced warehouse c3000", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3" }, { "model": "project openssl c", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.0.10" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "770.32" }, { "model": "1:10g switch for bladecenter", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "0" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2.2.835" }, { "model": "aura collaboration environment", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "system m4 bd type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x365054660" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.10.1" }, { "model": "system management homepage", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.5" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8x" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.2" }, { "model": "tivoli workload scheduler distributed", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35006.4.19" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "740.15" }, { "model": "upward integration modules hardware management pack", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.5.3" }, { "model": "openssh for gpfs", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.5" }, { "model": "src series", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "telepresence supervisor mse", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "80500" }, { "model": "system m2 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x355079460" }, { "model": "iptv", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "upward integration modules integrated installer", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.5.3" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.12" }, { "model": "linux enterprise desktop sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.11" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x325025830" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.3.3" }, { "model": "ns oncommand core package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.2" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4" }, { "model": "project openssl 0.9.8t", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.3" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0.2.106" }, { "model": "web security appliance 9.0.0 -fcs", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "initiate master data service", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "10.0" }, { "model": "systems insight manager sp3", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.0" }, { "model": "system m3 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x355079440" }, { "model": "bladecenter js23", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "(7778-23x)0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2.1.830" }, { "model": "service delivery manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.2" }, { "model": "enterprise content management system monitor", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1" }, { "model": "telepresence mcu", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "42000" }, { "model": "hosted collaboration mediation fulfillment", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "mint", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "0" }, { "model": "application networking manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "system management homepage 7.3.2.1", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "socialminer", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "as infinity", "scope": "eq", "trust": 0.3, "vendor": "pexip", "version": "3" }, { "model": "system type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x3690x571920" }, { "model": "project openssl 1.0.0c", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.14.20" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.5.760" }, { "model": "aura collaboration environment", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.0" }, { "model": "video surveillance media server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.7" }, { "model": "data ontap smi-s agent", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.2" }, { "model": "telepresence mcu", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "84200" }, { "model": "physical access gateway", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "smart analytics system", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "20500" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.0.5" }, { "model": "system m2 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x365079470" }, { "model": "insight orchestration", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1" }, { "model": "power express f/c", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "52056330" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35006.4" }, { "model": "system type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x3690x571490" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.3" }, { "model": "1:10g switch for bladecenter", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.4.80" }, { "model": "telepresence video communication server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "prime network registrar", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.3" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.2" }, { "model": "bladecenter js43 with feature code", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "(7778-23x8446)0" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6" }, { "model": "telepresence sx series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "740.51" }, { "model": "enterprise content management system monitor", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.4" }, { "model": "tivoli workload scheduler distributed", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "system management homepage b", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.10.186" }, { "model": "linux lts", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "14.04" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x330073820" }, { "model": "cognos planning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "project openssl 1.0.0f", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1" }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "project openssl d", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "meetingplace", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "as infinity", "scope": "eq", "trust": 0.3, "vendor": "pexip", "version": "2" }, { "model": "power system s824", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "0" }, { "model": "ctp", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "flex system fabric cn4093 10gb converged scalable switch", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.8.10.0" }, { "model": "power", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7500" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.9.790" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.1" }, { "model": "tivoli provisioning manager for os deployment", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.0.2" }, { "model": "tivoli workload scheduler distributed", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.6" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.1.730" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.0.12" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x363071580" }, { "model": "power systems e880", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "0" }, { "model": "ctpos 7.1r1", "scope": "ne", "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.2.0.5" }, { "model": "project openssl 1.0.0j", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "nexus series switches", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "35000" }, { "model": "project openssl 1.0.0b", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.1.1" }, { "model": "flex system p460 compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "(7895-42x)0" }, { "model": "initiate master data service patient hub", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.7" }, { "model": "enterprise", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.1" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.1.0.5" }, { "model": "expressway series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.5" }, { "model": "bladecenter t advanced management module 32r0835", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "smart analytics system", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "57100" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.10.801" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70006.2" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "740.10" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "4.2" }, { "model": "flex system manager node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8734-" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.3.0.5" }, { "model": "tivoli common reporting", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.1" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "740.20" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.11" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.2" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2.0.820" }, { "model": "systems insight manager sp2", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.2" }, { "model": "edge digital media player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3000" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3.3" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.2.0.3" }, { "model": "mobile wireless transport manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "tivoli workload scheduler distributed fp07", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.4" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.1.2" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.1.6" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.1.1" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "1.0.1" }, { "model": "mate design", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "infosphere master data management", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "11.0" }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x24078630" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "740.61" }, { "model": "hp-ux b.11.31", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.1.5" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.4.143" }, { "model": "clustered data ontap antivirus connector", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0" }, { "model": "business process manager advanced", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.5" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x375087330" }, { "model": "linux s/390", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "810.20" }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x24089560" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "350.90" }, { "model": "powervu d9190 conditional access manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "780.02" }, { "model": "bladecenter js12 express", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "(7998-60x)0" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "4.1" }, { "model": "project openssl 1.0.1j", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.0.2" }, { "model": "project openssl f", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "bladecenter -t", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8730" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.1" }, { "model": "cloudbridge", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.4" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37006.4.1.8" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.3" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.2.0.3" }, { "model": "data ontap operating in 7-mode", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.2.1" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2" }, { "model": "tivoli workload scheduler for applications fp01", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.3.132" }, { "model": "enterprise", "scope": "ne", "trust": 0.3, "vendor": "splunk", "version": "6.2.2" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.1.0.7" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x353071600" }, { "model": "adaptive security appliance software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "9.0(4.29)" }, { "model": "flashsystem 9840-ae1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "840" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.3.0" }, { "model": "mate live", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "telepresence integrator c series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.3.0.5" }, { "model": "project openssl 1.0.1d", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2.0-12" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "770.50" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.1.9" }, { "model": "bladecenter -h", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7989" }, { "model": "mobile security suite mss", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "3.0" }, { "model": "rational software architect", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0.1.104" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.1.0.6" }, { "model": "tivoli workload scheduler distributed fp05", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.1.0.7" }, { "model": "nsm", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "350.20" }, { "model": "cognos controller if3", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "350.10" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "780.11" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.1.0.6" }, { "model": "flex system p24l compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "0" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.1.0" }, { "model": "bladecenter -ht", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8740" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2.0.860" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "5.0.4" }, { "model": "power system s812l", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "0" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "780.10" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37006.2" }, { "model": "flex system fabric en4093r 10gb scalable switch", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.8.4.0" }, { "model": "cognos controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "cognos controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1.1" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50006.1" }, { "model": "prime collaboration provisioning", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "pulse secure", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "centos", "scope": "eq", "trust": 0.3, "vendor": "centos", "version": "5" }, { "model": "initiate master data service provider hub", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.5" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x375087180" }, { "model": "flex system manager node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8731-" }, { "model": "websphere mq", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.0" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "5.0.5" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.1.2" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.1.8" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.10" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.5.146" }, { "model": "idataplex dx360 m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "79130" }, { "model": "systems insight manager sp6", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.0.1.73" }, { "model": "as infinity", "scope": "eq", "trust": 0.3, "vendor": "pexip", "version": "4" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.2" }, { "model": "telepresence mcu", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "45000" }, { "model": "telepresence isdn gw", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "32410" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.0" }, { "model": "project openssl 0.9.8zc", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0n", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "system m5 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x310054570" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.0" }, { "model": "infosphere master data management", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "11.3" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.5" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "783.01" }, { "model": "mac os", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "x10.10.3" }, { "model": "telepresence server on multiparty media", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3104.1" }, { "model": "telepresence ex series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.1" }, { "model": "system idataplex dx360 m2 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x73230" }, { "model": "webex meetings for android", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2.0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.3.1" }, { "model": "system m3 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x363073770" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "810.10" }, { "model": "flex system interconnect fabric", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.8.10.0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37006.4" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1841" }, { "model": "tivoli provisioning manager for os deployment", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.3" }, { "model": "cognos controller fp1", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "10.2.1" }, { "model": "sterling connect:express for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4" }, { "model": "tivoli workload scheduler for applications", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "virtual connect enterprise manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1" }, { "model": "project openssl 1.0.0h", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50006.3" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "(x86)4.4" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "initiate master data service", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.7" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.9.5" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.3" }, { "model": "cognos controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.2.1" }, { "model": "systems insight manager sp1", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "4.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.8.179" }, { "model": "as infinity", "scope": "eq", "trust": 0.3, "vendor": "pexip", "version": "8" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.2" }, { "model": "junos os", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x355079140" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "770.20" }, { "model": "project openssl 0.9.8o", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "alienvault", "scope": "eq", "trust": 0.3, "vendor": "alienvault", "version": "4.15" }, { "model": "mysql server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.16" }, { "model": "project openssl e", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "project openssl 1.0.1b", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0k", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "810.01" }, { "model": "power systems 350.d0", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "bladecenter -h", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1886" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x375087520" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "770.40" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35006.2" }, { "model": "vds service broker", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "telepresence conductor", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "74.90" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.1" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4" }, { "model": "d9036 modular encoding platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "video surveillance 4300e/4500e high-definition ip cameras", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.2.0.5" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "4.2" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "350.40" }, { "model": "system type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x3950x638370" }, { "model": "flex system p260 compute node /fc efd9", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "0" }, { "model": "sametime", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.2.0" }, { "model": "centos", "scope": "eq", "trust": 0.3, "vendor": "centos", "version": "6" }, { "model": "tivoli workload scheduler distributed fp01", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.2.0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50006.2" }, { "model": "app for vmware", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "0" }, { "model": "power", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5950" }, { "model": "ip office server edition", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "8.0" }, { "model": "sterling connect:express for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.5.0" }, { "model": "cognos controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "cognos business intelligence server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.2" }, { "model": "junos os 12.3x48-d10", "scope": "ne", "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "bladecenter -e", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8677" }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.5.2" }, { "model": "cognos controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.2" }, { "model": "snapdrive for windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1" }, { "model": "smart analytics system", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10500" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3.0.5" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.8.5" }, { "model": "one-x client enablement services sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "system m3 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x365054540" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "video surveillance ptz ip cameras", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "tivoli common reporting", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1" }, { "model": "anyconnect secure mobility client for ios", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "004.000(1233)" }, { "model": "project openssl 0.9.8s", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2.2.835" }, { "model": "real-time compression appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.1.2.10" }, { "model": "telepresence serial gateway series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "clustered data ontap antivirus connector", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.1" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1.0.841" }, { "model": "tivoli workload scheduler distributed", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.2" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35006.3" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.1.0.7" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0" }, { "model": "ctpos 6.6r5", "scope": "ne", "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "cloud", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "0" }, { "model": "webex meetings server 2.5mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "junos os 13.2r8", "scope": "ne", "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.2.5" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37006.3" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1.0.103" }, { "model": "open systems snapvault", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0.1" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "4.3" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.3" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "6.0.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.1" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "780.01" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.9" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "740.52" }, { "model": "tivoli common reporting", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1.1" }, { "model": "unified attendant console enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "power express", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "550" }, { "model": "linux ia-32", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "netscaler service delivery appliance", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "0" }, { "model": "system m2 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x350078390" }, { "model": "tivoli provisioning manager for os deployment", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "mysql server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.22" }, { "model": "power express f/c", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5504965" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.2.7" }, { "model": "telepresence server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "87104.1" }, { "model": "ip office application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "9.0" }, { "model": "telepresence mcu", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "53000" }, { "model": "clustered data ontap antivirus connector", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.3" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.3.0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.0.121" }, { "model": "flex system fabric si4093 system interconnect module", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.8.60" }, { "model": "ios 15.5 s", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "5.0.8" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0.2" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.1.0.7" }, { "model": "prime performance manager for sps ppm sp1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.6" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3" }, { "model": "telepresence mx series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "session border controller for enterprise", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3.0" }, { "model": "tivoli workload scheduler distributed fp04", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.4" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.7.770" }, { "model": "insight orchestration", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "350.70" }, { "model": "telepresence isdn gw mse", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "83210" }, { "model": "ucs central", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "telepresence profile series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "splunk", "scope": "eq", "trust": 0.3, "vendor": "splunk", "version": "5.0.3" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.3.0" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.1.0.6" }, { "model": "san volume controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v37007.1" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "770.31" }, { "model": "flex system compute node type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x44079170" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.1" }, { "model": "unified communications domain manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "10.1.2" }, { "model": "flex system p460 compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "(7895-43x)0" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.1.3" }, { "model": "systems insight manager 7.4.0a", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2" }, { "model": "emergency responder", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v35007.2.0.8" }, { "model": "dx360 m4 water cooled type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "79190" }, { "model": "im and presence service", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.4.750" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v50007.3.0.5" }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.5.1" }, { "model": "nac guest server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "system m5 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x325054580" }, { "model": "storwize", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70007.2.0.8" }, { "model": "power systems", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "770.00" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.4" }, { "model": "tivoli provisioning manager for images system edition", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x7.1.1.0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.10.800" }, { "model": "thinpro linux", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "(x86)5.1" }, { "model": "cloud object store", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "project openssl 1.0.1h", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0a", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.9.790" } ], "sources": [ { "db": "BID", "id": "71942" }, { "db": "JVNDB", "id": "JVNDB-2014-007553" }, { "db": "NVD", "id": "CVE-2014-3572" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "0.9.8zc", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0o:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2014-3572" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "HP", "sources": [ { "db": "PACKETSTORM", "id": "133317" }, { "db": "PACKETSTORM", "id": "130985" }, { "db": "PACKETSTORM", "id": "133316" }, { "db": "PACKETSTORM", "id": "130987" }, { "db": "PACKETSTORM", "id": "133325" } ], "trust": 0.5 }, "cve": "CVE-2014-3572", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.0, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2014-3572", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2014-3572", "trust": 1.8, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2014-3572", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-3572" }, { "db": "JVNDB", "id": "JVNDB-2014-007553" }, { "db": "NVD", "id": "CVE-2014-3572" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message. OpenSSL is prone to a security-bypass vulnerability. \nSuccessfully exploiting these issues may allow attackers to perform unauthorized actions. This may lead to other attacks. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04604357\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04604357\nVersion: 1\n\nHPSBGN03299 rev.1 - HP IceWall SSO Dfw, SSO Certd, MCRP, and Federation Agent\nrunning OpenSSL, Remote Disclosure of Information, Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-03-19\nLast Updated: 2015-03-19\n\nPotential Security Impact: Remote disclosure of information, unauthorized\naccess\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP IceWall SSO\nDfw, SSO Certd, MCRP, and Federation Agent running OpenSSL including:\n\nThe SSL vulnerability known as \"FREAK\", which could be exploited remotely to\nallow disclosure of information. \nOther vulnerabilities which could be exploited remotely resulting in\nunauthorized access. \n\nReferences:\n\nCVE-2014-3570\nCVE-2014-3572\nCVE-2014-8275\nCVE-2015-0204\nSSRT101987\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n CVE-2014-3572 and CVE-2015-0204\n\n HP IceWall MCRP Version 2.1 and 3.0\n HP IceWall SSO Dfw Version 8.0, 8.0 R1, 8.0 R2, 8.0 R3, and Version 10.0\n HP IceWall SSO Certd Version 8.0R3 with DB plugin patch 2 and Version\n10.0\n HP IceWall Federation Agent Version 3.0\n\n CVE-2014-3570 and CVE-2014-8275\n\n HP IceWall MCRP v2.1, v3.0\n HP IceWall SSO Dfw v8.0, v8.0 R1, v8.0 R2, v8.0 R3, and v10.0\n HP IceWall SSO Agent v8.0 and v8.0 2007 Update Release 2\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-3570 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2014-3572 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2014-8275 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2015-0204 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\n HP recommends the following software updates and workaround instructions to\nresolve the vulnerabilities for HP IceWall SSO Dfw, SSO Certd, MCRP, and\nFederation Agent. IceWall SSO Dfw 10.0 and Certd 10.0, which are running on RHEL, could\nbe using either the OS bundled OpenSSL library or the OpenSSL bundled with HP\nIceWall. If still using the OpenSSL bundled with HP IceWall, please switch to\nthe OpenSSL library bundled with the OS, and then follow the instructions in\nstep 3. \n\n Documents are available at the following location with instructions to\nswitch to the OS bundled OpenSSL library:\n\n http://www.hp.com/jp/icewall_patchaccess\n\n 2. For IceWall SSO Dfw and Certd for SSO Dfw 8.0, 8.0 R1, 8.0 R2, 8.0 R3,\nand SSO Certd 8.0 R3 with DB plugin patch 2, which bundle OpenSSL, please\ndownload the updated OpenSSL at the following location:\n\n http://www.hp.com/jp/icewall_patchaccess\n\n 3. For HP IceWall products running on RHEL and are using the OS bundled\nOpenSSL, RHEL has provided patch or mitigation instructions at the following\nlocation:\n\n https://access.redhat.com/articles/1369543\n\n Note: For RHEL6 (only) and CVE-2014-8275, please apply the RHEL6 patch\nfor OpenSSL from the following location:\n\n https://access.redhat.com/security/cve/CVE-2014-8275\n\n 4. For IceWall products running on HP-UX which are using the OS bundled\nOpenSSL, please apply the HP-UX OpenSSL update from the following location:\n\n https://h20392.www2.hp.com/portal/swdepot/displayInstallInfo.do?produ\nctNumber=OPENSSL11I\n\nWORKAROUND INSTRUCTIONS\n\n HP recommends the following information to protect against potential risk\nfrom CVE-2014-3572 and CVE-2015-0204 for the following HP IceWall products. \n\n HP IceWall SSO Dfw and MCRP\n\n - If possible, do not use the SHOST setting which allows IceWall SSO\nDfw or MCRP to use SSL/TLS protocol to back-end web servers. \n\n - If possible, do not use EXPORT-grade ciphers on the back-end web\nservers. \n\n HP IceWall SSO Certd (version 10.0 and 8.0R3 applied DB plugin patch\nrelease 2)\n\n - If possible, do not use the LDAPSSL setting which allows IceWall SSO\nCertd to connect to the LDAP server using SSL/TLS protocol. \n\n - If possible, do not use EXPORT-grade ciphers on the LDAP server. \n\n IceWall Federation Agent\n\n - If possible, use \"bindings:HTTP-POST\" instead of\n\"bindings:HTTP-Artifact\" setting in the service provider meta file. The\n\"bindings:HTTP-POST\" setting would disable IWFA to use SSL for communicating\nwith IdP server. \n\nNote: The HP IceWall product is only available in Japan. \n\nHISTORY\nVersion:1 (rev.1) - 19 March 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\nSoftpaq:\nhttp://ftp.hp.com/pub/softpaq/sp70501-71000/sp70649.exe\n\nEasy Update Via ThinPro / EasyUpdate (x86):\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all-\n4.1-4.3-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all-\n4.1-4.3-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all-\n4.1-4.3-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.1-all-\n4.4-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/5.0/service_packs/security-sp-2.1-all-\n5.0-5.1-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/5.1/service_packs/security-sp-2.1-all-\n5.0-5.1-x86.xar\n\nVia ThinPro / EasyUpdate (ARM):\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all-\n4.1-4.3-armel.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all-\n4.1-4.3-armel.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all-\n4.1-4.3-armel.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.0-all-\n4.4-armel.xar\n\nNote: Known issue on security-sp-2.0-all-4.1-4.3-arm.xar: With the patch\napplied, VMware cannot connect if security level is set to \"Refuse insecure\nconnections\". Updating VMware to the latest package on ftp.hp.com will solve\nthe problem. \n \n The updated packages have been upgraded to the 1.0.0p version where\n these security flaws has been fixed. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570\n https://www.openssl.org/news/secadv_20150108.txt\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n 08baba1b5ee61bdd0bfbcf81d465f154 mbs1/x86_64/lib64openssl1.0.0-1.0.0p-1.mbs1.x86_64.rpm\n 51198a2b577e182d10ad72d28b67288e mbs1/x86_64/lib64openssl-devel-1.0.0p-1.mbs1.x86_64.rpm\n aa34fd335001d83bc71810d6c0b14e85 mbs1/x86_64/lib64openssl-engines1.0.0-1.0.0p-1.mbs1.x86_64.rpm\n c8b6fdaba18364b315e78761a5aa0c1c mbs1/x86_64/lib64openssl-static-devel-1.0.0p-1.mbs1.x86_64.rpm\n fc67f3da9fcd1077128845ce85be93e2 mbs1/x86_64/openssl-1.0.0p-1.mbs1.x86_64.rpm \n ab8f672de2bf2f0f412034f89624aa32 mbs1/SRPMS/openssl-1.0.0p-1.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFUr+PRmqjQ0CJFipgRAtFXAJ46+q0aetnJkb6I9RuYmX5xFeGx9wCgt1rb\nLHbCdAkBpYHYSuaUwpiAu1w=\n=ePa9\n-----END PGP SIGNATURE-----\n. Please order\nthe latest version of the HP Matrix Operating Environment 7.5.0 DVD #2 ISO\nfrom the following location:\n\nhttp://www.hp.com/go/insightupdates\n\nChoose the orange Select button. This presents the HP Insight Management\nMedia order page. Choose Insight Management 7.5 DVD-2-ZIP August 2015 from\nthe Software specification list. Fill out the rest of the form and submit it. \n\nHP has addressed these vulnerabilities for the affected software components\nbundled with the HP Matrix Operating Environment in the following HP Security\nBulletins. OpenSSL Security Advisory [08 Jan 2015]\n=======================================\n\nDTLS segmentation fault in dtls1_get_record (CVE-2014-3571)\n===========================================================\n\nSeverity: Moderate\n\nA carefully crafted DTLS message can cause a segmentation fault in OpenSSL due\nto a NULL pointer dereference. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Markus Stenberg of\nCisco Systems, Inc. The fix was developed by Stephen Henson of the OpenSSL\ncore team. \n\nDTLS memory leak in dtls1_buffer_record (CVE-2015-0206)\n=======================================================\n\nSeverity: Moderate\n\nA memory leak can occur in the dtls1_buffer_record function under certain\nconditions. In particular this could occur if an attacker sent repeated DTLS\nrecords with the same sequence number but for the next epoch. The memory leak\ncould be exploited by an attacker in a Denial of Service attack through memory\nexhaustion. \n\nThis issue affects OpenSSL versions: 1.0.1 and 1.0.0. \n\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p. \n\nThis issue was reported to OpenSSL on 7th January 2015 by Chris Mueller who also\nprovided an initial patch. Further analysis was performed by Matt Caswell of the\nOpenSSL development team, who also developed the final patch. \n\nno-ssl3 configuration sets method to NULL (CVE-2014-3569)\n=========================================================\n\nSeverity: Low\n\nWhen openssl is built with the no-ssl3 option and a SSL v3 ClientHello is\nreceived the ssl method would be set to NULL which could later result in\na NULL pointer dereference. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 17th October 2014 by Frank Schmirler. The\nfix was developed by Kurt Roeckx. \n\n\nECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)\n==========================================================\n\nSeverity: Low\n\nAn OpenSSL client will accept a handshake using an ephemeral ECDH ciphersuite\nusing an ECDSA certificate if the server key exchange message is omitted. This\neffectively removes forward secrecy from the ciphersuite. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan\nBhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen\nHenson of the OpenSSL core team. \n\n\nRSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)\n==============================================================\n\nSeverity: Low\n\nAn OpenSSL client will accept the use of an RSA temporary key in a non-export\nRSA key exchange ciphersuite. A server could present a weak temporary key\nand downgrade the security of the session. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan\nBhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen\nHenson of the OpenSSL core team. \n\n\nDH client certificates accepted without verification [Server] (CVE-2015-0205)\n=============================================================================\n\nSeverity: Low\n\nAn OpenSSL server will accept a DH certificate for client authentication\nwithout the certificate verify message. This effectively allows a client\nto authenticate without the use of a private key. This only affects servers\nwhich trust a client certificate authority which issues certificates\ncontaining DH keys: these are extremely rare and hardly ever encountered. \n\nThis issue affects OpenSSL versions: 1.0.1 and 1.0.0. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan\nBhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen\nHenson of the OpenSSL core team. \n\n\nCertificate fingerprints can be modified (CVE-2014-8275)\n========================================================\n\nSeverity: Low\n\nOpenSSL accepts several non-DER-variations of certificate signature\nalgorithm and signature encodings. OpenSSL also does not enforce a\nmatch between the signature algorithm between the signed and unsigned\nportions of the certificate. By modifying the contents of the\nsignature algorithm or the encoding of the signature, it is possible\nto change the certificate\u0027s fingerprint. \n\nThis does not allow an attacker to forge certificates, and does not\naffect certificate verification or OpenSSL servers/clients in any\nother way. It also does not affect common revocation mechanisms. Only\ncustom applications that rely on the uniqueness of the fingerprint\n(e.g. certificate blacklists) may be affected. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and\n0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nOne variant of this issue was discovered by Antti Karjalainen and\nTuomo Untinen from the Codenomicon CROSS program and reported to\nOpenSSL on 1st December 2014 by NCSC-FI Vulnerability\nCo-ordination. Another variant was independently reported to OpenSSL\non 12th December 2014 by Konrad Kraszewski from Google. Further\nanalysis was conducted and fixes were developed by Stephen Henson of\nthe OpenSSL core team. \n\nBignum squaring may produce incorrect results (CVE-2014-3570)\n=============================================================\n\nSeverity: Low\n\nBignum squaring (BN_sqr) may produce incorrect results on some\nplatforms, including x86_64. This bug occurs at random with a very\nlow probability, and is not known to be exploitable in any way, though\nits exact impact is difficult to determine. The following has been\ndetermined:\n\n*) The probability of BN_sqr producing an incorrect result at random\nis very low: 1/2^64 on the single affected 32-bit platform (MIPS) and\n1/2^128 on affected 64-bit platforms. \n*) On most platforms, RSA follows a different code path and RSA\noperations are not affected at all. For the remaining platforms\n(e.g. OpenSSL built without assembly support), pre-existing\ncountermeasures thwart bug attacks [1]. \n*) Static ECDH is theoretically affected: it is possible to construct\nelliptic curve points that would falsely appear to be on the given\ncurve. However, there is no known computationally feasible way to\nconstruct such points with low order, and so the security of static\nECDH private keys is believed to be unaffected. \n*) Other routines known to be theoretically affected are modular\nexponentiation, primality testing, DSA, RSA blinding, JPAKE and\nSRP. No exploits are known and straightforward bug attacks fail -\neither the attacker cannot control when the bug triggers, or no\nprivate key material is involved. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 2nd November 2014 by Pieter Wuille\n(Blockstream) who also suggested an initial fix. Further analysis was\nconducted by the OpenSSL development team and Adam Langley of\nGoogle. The final fix was developed by Andy Polyakov of the OpenSSL\ncore team. \n\n[1] http://css.csail.mit.edu/6.858/2013/readings/rsa-bug-attacks.pdf\n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions\n1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these\nreleases will be provided after that date. Users of these releases are advised\nto upgrade. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20150108.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: openssl security update\nAdvisory ID: RHSA-2015:0066-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-0066.html\nIssue date: 2015-01-20\nUpdated on: 2015-01-21\nCVE Names: CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 \n CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 \n CVE-2015-0206 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6 and 7. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL),\nTransport Layer Security (TLS), and Datagram Transport Layer Security\n(DTLS) protocols, as well as a full-strength, general purpose cryptography\nlibrary. \n\nA NULL pointer dereference flaw was found in the DTLS implementation of\nOpenSSL. A remote attacker could send a specially crafted DTLS message,\nwhich would cause an OpenSSL server to crash. A remote attacker could send\nmultiple specially crafted DTLS messages to exhaust all available memory of\na DTLS server. This flaw could\npossibly affect certain OpenSSL library functionality, such as RSA\nblinding. (CVE-2014-3570)\n\nIt was discovered that OpenSSL would perform an ECDH key exchange with a\nnon-ephemeral key even when the ephemeral ECDH cipher suite was selected. \nAn attacker could use these flaws to modify an X.509 certificate to produce\na certificate with a different fingerprint without invalidating its\nsignature, and possibly bypass fingerprint-based blacklisting in\napplications. (CVE-2015-0205)\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain a backported patch to mitigate the above issues. For the update to\ntake effect, all services linked to the OpenSSL library (such as httpd and\nother SSL-enabled services) must be restarted or the system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata \nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1180184 - CVE-2015-0204 openssl: Only allow ephemeral RSA keys in export ciphersuites\n1180185 - CVE-2014-3572 openssl: ECDH downgrade bug fix\n1180187 - CVE-2014-8275 openssl: Fix various certificate fingerprint issues\n1180234 - CVE-2014-3571 openssl: DTLS segmentation fault in dtls1_get_record\n1180235 - CVE-2015-0206 openssl: DTLS memory leak in dtls1_buffer_record\n1180239 - CVE-2015-0205 openssl: DH client certificates accepted without verification\n1180240 - CVE-2014-3570 openssl: Bignum squaring may produce incorrect results\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-30.el6_6.5.src.rpm\n\ni386:\nopenssl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-perl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-static-1.0.1e-30.el6_6.5.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-static-1.0.1e-30.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-30.el6_6.5.src.rpm\n\nx86_64:\nopenssl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-static-1.0.1e-30.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-30.el6_6.5.src.rpm\n\ni386:\nopenssl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.i686.rpm\n\nppc64:\nopenssl-1.0.1e-30.el6_6.5.ppc.rpm\nopenssl-1.0.1e-30.el6_6.5.ppc64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.ppc.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.ppc64.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.ppc.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-30.el6_6.5.s390.rpm\nopenssl-1.0.1e-30.el6_6.5.s390x.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.s390.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.s390x.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.s390.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-perl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-static-1.0.1e-30.el6_6.5.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-30.el6_6.5.ppc64.rpm\nopenssl-perl-1.0.1e-30.el6_6.5.ppc64.rpm\nopenssl-static-1.0.1e-30.el6_6.5.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-30.el6_6.5.s390x.rpm\nopenssl-perl-1.0.1e-30.el6_6.5.s390x.rpm\nopenssl-static-1.0.1e-30.el6_6.5.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-static-1.0.1e-30.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-30.el6_6.5.src.rpm\n\ni386:\nopenssl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-perl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-static-1.0.1e-30.el6_6.5.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-static-1.0.1e-30.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.7.src.rpm\n\nppc64:\nopenssl-1.0.1e-34.el7_0.7.ppc64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.ppc64.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.ppc.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.ppc64.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.ppc.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-34.el7_0.7.s390x.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.s390.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.s390x.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.s390.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.s390x.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.s390.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-34.el7_0.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.ppc64.rpm\nopenssl-perl-1.0.1e-34.el7_0.7.ppc64.rpm\nopenssl-static-1.0.1e-34.el7_0.7.ppc.rpm\nopenssl-static-1.0.1e-34.el7_0.7.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-34.el7_0.7.s390.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.s390x.rpm\nopenssl-perl-1.0.1e-34.el7_0.7.s390x.rpm\nopenssl-static-1.0.1e-34.el7_0.7.s390.rpm\nopenssl-static-1.0.1e-34.el7_0.7.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-3570\nhttps://access.redhat.com/security/cve/CVE-2014-3571\nhttps://access.redhat.com/security/cve/CVE-2014-3572\nhttps://access.redhat.com/security/cve/CVE-2014-8275\nhttps://access.redhat.com/security/cve/CVE-2015-0204\nhttps://access.redhat.com/security/cve/CVE-2015-0205\nhttps://access.redhat.com/security/cve/CVE-2015-0206\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://www.openssl.org/news/secadv_20150108.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFUwCWMXlSAg2UNWIIRAioBAJ4/RjG4OGXzCwg+PJJWNqyvahe3rQCeNE+X\nENFobdxQdJ+gVAiRe8Qf54A=\n=wyAg\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n", "sources": [ { "db": "NVD", "id": "CVE-2014-3572" }, { "db": "JVNDB", "id": "JVNDB-2014-007553" }, { "db": "BID", "id": "71942" }, { "db": "VULMON", "id": "CVE-2014-3572" }, { "db": "PACKETSTORM", "id": "133317" }, { "db": "PACKETSTORM", "id": "130985" }, { "db": "PACKETSTORM", "id": "133316" }, { "db": "PACKETSTORM", "id": "130987" }, { "db": "PACKETSTORM", "id": "129870" }, { "db": "PACKETSTORM", "id": "133325" }, { "db": "PACKETSTORM", "id": "129867" }, { "db": "PACKETSTORM", "id": "130051" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-3572", "trust": 3.0 }, { "db": "JUNIPER", "id": "JSA10679", "trust": 1.4 }, { "db": "BID", "id": "71942", "trust": 1.4 }, { "db": "MCAFEE", "id": "SB10102", "trust": 1.1 }, { "db": "MCAFEE", "id": "SB10108", "trust": 1.1 }, { "db": "SECTRACK", "id": "1033378", "trust": 1.1 }, { "db": "JVN", "id": "JVNVU98974537", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU91828320", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2014-007553", "trust": 0.8 }, { "db": "VULMON", "id": "CVE-2014-3572", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "133317", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130985", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "133316", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130987", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "129870", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "133325", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "129867", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130051", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-3572" }, { "db": "BID", "id": "71942" }, { "db": "JVNDB", "id": "JVNDB-2014-007553" }, { "db": "PACKETSTORM", "id": "133317" }, { "db": "PACKETSTORM", "id": "130985" }, { "db": "PACKETSTORM", "id": "133316" }, { "db": "PACKETSTORM", "id": "130987" }, { "db": "PACKETSTORM", "id": "129870" }, { "db": "PACKETSTORM", "id": "133325" }, { "db": "PACKETSTORM", "id": "129867" }, { "db": "PACKETSTORM", "id": "130051" }, { "db": "NVD", "id": "CVE-2014-3572" } ] }, "id": "VAR-201501-0436", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.36198661599999993 }, "last_update_date": "2024-07-23T21:40:45.003000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004", "trust": 0.8, "url": "http://lists.apple.com/archives/security-announce/2015/apr/msg00001.html" }, { "title": "HT204659", "trust": 0.8, "url": "https://support.apple.com/en-us/ht204659" }, { "title": "HT204659", "trust": 0.8, "url": "https://support.apple.com/ja-jp/ht204659" }, { "title": "cisco-sa-20150310-ssl", "trust": 0.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150310-ssl" }, { "title": "ECDH downgrade bug fix.", "trust": 0.8, "url": "https://github.com/openssl/openssl/commit/b15f8769644b00ef7283521593360b7b2135cb63" }, { "title": "HPSBUX03244 SSRT101885", "trust": 0.8, "url": "http://h20565.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04556853\u0026lang=en\u0026cc=us" }, { "title": "HPSBGN03299", "trust": 0.8, "url": "http://marc.info/?l=bugtraq\u0026m=142720981827617\u0026w=2" }, { "title": "HPSBHF03289", "trust": 0.8, "url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2" }, { "title": "NV15-017", "trust": 0.8, "url": "http://jpn.nec.com/security-info/secinfo/nv15-017.html" }, { "title": "ECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)", "trust": 0.8, "url": "https://www.openssl.org/news/secadv_20150108.txt" }, { "title": "Text Form of Oracle Critical Patch Update - July 2016 Risk Matrices", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpujul2016verbose-2881721.html" }, { "title": "Oracle Critical Patch Update Advisory - July 2015", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "title": "Text Form of Oracle Critical Patch Update - July 2015 Risk Matrices", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015verbose-2367947.html" }, { "title": "Oracle Critical Patch Update Advisory - April 2015", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "title": "Text Form of Oracle Critical Patch Update - April 2015 Risk Matrices", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015verbose-2365613.html" }, { "title": "Oracle Critical Patch Update Advisory - October 2015", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" }, { "title": "Text Form of Oracle Critical Patch Update - October 2015 Risk Matrices", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015verbose-2367954.html" }, { "title": "Oracle Critical Patch Update Advisory - July 2016", "trust": 0.8, "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" }, { "title": "Oracle Third Party Bulletin - January 2015", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "title": "RHSA-2015:0066", "trust": 0.8, "url": "https://rhn.redhat.com/errata/rhsa-2015-0066.html" }, { "title": "July 2016 Critical Patch Update Released", "trust": 0.8, "url": "https://blogs.oracle.com/security/entry/july_2016_critical_patch_update" }, { "title": "July 2015 Critical Patch Update Released", "trust": 0.8, "url": "https://blogs.oracle.com/security/entry/july_2015_critical_patch_update" }, { "title": "April 2015 Critical Patch Update Released", "trust": 0.8, "url": "https://blogs.oracle.com/security/entry/april_2015_critical_patch_update" }, { "title": "October 2015 Critical Patch Update Released", "trust": 0.8, "url": "https://blogs.oracle.com/security/entry/october_2015_critical_patch_update" }, { "title": "cisco-sa-20150310-ssl", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/112/1128/1128755_cisco-sa-20150310-ssl-j.html" }, { "title": "TLSA-2015-2", "trust": 0.8, "url": "http://www.turbolinux.co.jp/security/2015/tlsa-2015-2j.html" }, { "title": "\u682a\u5f0f\u4f1a\u793e\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc \u306e\u544a\u77e5\u30da\u30fc\u30b8", "trust": 0.8, "url": "http://buffalo.jp/support_s/s20150327b.html" }, { "title": "Red Hat: Moderate: openssl security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20150066 - security advisory" }, { "title": "Red Hat: CVE-2014-3572", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-3572" }, { "title": "Ubuntu Security Notice: openssl vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2459-1" }, { "title": "Debian Security Advisories: DSA-3125-1 openssl -- security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a3210fee56d96657bbff4ad44c3d0807" }, { "title": "Amazon Linux AMI: ALAS-2015-469", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2015-469" }, { "title": "Splunk Security Announcements: Splunk Enterprise versions 6.1.7, 6.0.8, and 5.0.12 address two vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=splunk_security_announcements\u0026qid=e17c368f43499efc420edc223af663db" }, { "title": "Symantec Security Advisories: SA88 : OpenSSL Security Advisory 08-Jan-2015", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=9281dc3b1a760e1cf2711cdf82cf64d7" }, { "title": "Apple: OS X Yosemite v10.10.3 and Security Update 2015-004", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=aa5ab46566482c02434bb8cf65c9614e" }, { "title": "Cisco: Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20150310-ssl" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - April 2015", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4b527561ba1a5de7a529c8a93679f585" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - October 2015", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=744c19dc9f4f70ad58059bf8733ec9c1" }, { "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2015", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=eaf98750f1130c39e83765575c69e165" }, { "title": "Splunk Security Announcements: Splunk Enterprise 6.2.2 addresses two vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=splunk_security_announcements\u0026qid=d9c34d2680d213e5c9dae973a42328f1" }, { "title": "Citrix Security Bulletins: Multiple Security Vulnerabilities in Citrix NetScaler Platform IPMI Lights Out Management (LOM) firmware", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=eb059834b7f24e2562bcf592b6d0afbc" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - October 2017", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a" }, { "title": "Splunk Security Announcements: Splunk response to January 2015 OpenSSL vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=splunk_security_announcements\u0026qid=21b119528a2fb8c78850a17027b71424" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - July 2015", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=459961024c4bdce7bb3a1a40a65a6f2e" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - July 2016", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489" }, { "title": "JPN_RIC13351-2", "trust": 0.1, "url": "https://github.com/neominds/jpn_ric13351-2 " }, { "title": "The Register", "trust": 0.1, "url": "https://www.theregister.co.uk/2015/01/09/dead_openssl_bugs_more_fleas_than_poodles/" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-3572" }, { "db": "JVNDB", "id": "JVNDB-2014-007553" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-310", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-007553" }, { "db": "NVD", "id": "CVE-2014-3572" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "https://www.openssl.org/news/secadv_20150108.txt" }, { "trust": 1.4, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150310-ssl" }, { "trust": 1.4, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "trust": 1.4, "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" }, { "trust": 1.4, "url": "https://support.citrix.com/article/ctx216642" }, { "trust": 1.2, "url": "http://rhn.redhat.com/errata/rhsa-2015-0066.html" }, { "trust": 1.1, "url": "https://github.com/openssl/openssl/commit/b15f8769644b00ef7283521593360b7b2135cb63" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/71942" }, { "trust": 1.1, "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:019" }, { "trust": 1.1, "url": "http://www.debian.org/security/2015/dsa-3125" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=142496289803847\u0026w=2" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=142720981827617\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html" }, { "trust": 1.1, "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062" }, { "trust": 1.1, "url": "https://support.apple.com/ht204659" }, { "trust": 1.1, "url": "http://lists.apple.com/archives/security-announce/2015/apr/msg00001.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=144050297101809\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=144050254401665\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=142895206924048\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=144050205101530\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=142496179803395\u0026w=2" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "trust": 1.1, "url": "https://bto.bluecoat.com/security-advisory/sa88" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" }, { "trust": 1.1, "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10679" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1033378" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html" }, { "trust": 1.1, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10108" }, { "trust": 1.1, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10102" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "trust": 0.9, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3572" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu98974537/index.html" }, { "trust": 0.8, "url": "http://jvn.jp/vu/jvnvu91828320/index.html" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3572" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3572" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0204" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3570" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8275" }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205" }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3571" }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0206" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569" }, { "trust": 0.5, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/" }, { "trust": 0.5, "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins" }, { "trust": 0.4, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04765169" }, { "trust": 0.3, "url": "http://www.pexip.com/sites/pexip/files/pexip_security_bulletin_2015-01-30.pdf" }, { "trust": 0.3, "url": "http://www.splunk.com/view/sp-caaanv8#announce1" }, { "trust": 0.3, "url": "http://openssl.org/" }, { "trust": 0.3, "url": "http://www.splunk.com/view/sp-caaanu5#affectedproductsandcomponents" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699883" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699667" }, { "trust": 0.3, "url": "http://seclists.org/bugtraq/2015/feb/160" }, { "trust": 0.3, "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10679\u0026cat=sirt_1\u0026actp=list" }, { "trust": 0.3, "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04746490" }, { "trust": 0.3, "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04602055" }, { "trust": 0.3, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04765115" }, { "trust": 0.3, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04774019" }, { "trust": 0.3, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04774021" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698818" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883857" }, { "trust": 0.3, "url": "https://aix.software.ibm.com/aix/efixes/security/openssl_advisory12.asc" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699271" }, { "trust": 0.3, "url": "https://downloads.avaya.com/css/p8/documents/101008182" }, { "trust": 0.3, "url": "https://www.openssl.org/news/vulnerabilities.html" }, { "trust": 0.3, "url": "https://www.alienvault.com/forums/discussion/4475/security-advisory-alienvault-v4-15-1-addresses-twenty-20-vulnerabilities" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963783" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098593" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903299" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022575" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005159" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700275" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699938" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097733" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005170" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097503" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883287" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097811" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097504" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902694" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903726" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097796" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21697162" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097823" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005150" }, { "trust": 0.3, "url": "http://www.splunk.com/view/sp-caaanxd" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009328" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695985" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21701453" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21694849" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097360" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699052" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699810" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699069" }, { "trust": 0.3, "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2014-3572" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286" }, { "trust": 0.2, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2014-8275" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/310.html" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2015:0066" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://usn.ubuntu.com/2459-1/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0288" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5432" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5433" }, { "trust": 0.1, "url": "http://www.hp.com/jp/icewall_patchaccess" }, { "trust": 0.1, "url": "https://access.redhat.com/articles/1369543" }, { "trust": 0.1, "url": "https://h20392.www2.hp.com/portal/swdepot/displayinstallinfo.do?produ" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5409" }, { "trust": 0.1, "url": "http://h20566.www2.hpe.com/hpsc/doc/public/display?calledby=search_result\u0026doc" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5412" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5413" }, { "trust": 0.1, "url": "http://www.hp.com/swpublishing/mtx-20861d704bc04221a1518b7cb6" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5410" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5411" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0235" }, { "trust": 0.1, "url": "http://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all-" }, { "trust": 0.1, "url": "http://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all-" }, { "trust": 0.1, "url": "http://ftp.hp.com/pub/tcdebian/updates/5.1/service_packs/security-sp-2.1-all-" }, { "trust": 0.1, "url": "http://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.1-all-" }, { "trust": 0.1, "url": "http://ftp.hp.com/pub/tcdebian/updates/5.0/service_packs/security-sp-2.1-all-" }, { "trust": 0.1, "url": "http://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all-" }, { "trust": 0.1, "url": "http://ftp.hp.com/pub/softpaq/sp70501-71000/sp70649.exe" }, { "trust": 0.1, "url": "http://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.0-all-" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8275" }, { "trust": 0.1, "url": "http://www.mandriva.com/en/support/security/" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0204" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3570" }, { "trust": 0.1, "url": "http://www.mandriva.com/en/support/security/advisories/" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3571" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0206" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0205" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3569" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0207" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0118" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8142" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0226" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0231" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3523" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0285" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9653" }, { "trust": 0.1, "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04746490\u0026la" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9705" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0232" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1692" }, { "trust": 0.1, "url": "http://www.hp.com/go/insightupdates" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0248" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9427" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0208" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0273" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-5107" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0231" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9652" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04762744" }, { "trust": 0.1, "url": "https://www.openssl.org/about/releasestrat.html)," }, { "trust": 0.1, "url": "https://www.openssl.org/about/secpolicy.html" }, { "trust": 0.1, "url": "http://css.csail.mit.edu/6.858/2013/readings/rsa-bug-attacks.pdf" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-0204" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-0206" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-0205" }, { "trust": 0.1, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.1, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.1, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2014-3571" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2014-3570" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/key/" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-3572" }, { "db": "BID", "id": "71942" }, { "db": "JVNDB", "id": "JVNDB-2014-007553" }, { "db": "PACKETSTORM", "id": "133317" }, { "db": "PACKETSTORM", "id": "130985" }, { "db": "PACKETSTORM", "id": "133316" }, { "db": "PACKETSTORM", "id": "130987" }, { "db": "PACKETSTORM", "id": "129870" }, { "db": "PACKETSTORM", "id": "133325" }, { "db": "PACKETSTORM", "id": "129867" }, { "db": "PACKETSTORM", "id": "130051" }, { "db": "NVD", "id": "CVE-2014-3572" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2014-3572" }, { "db": "BID", "id": "71942" }, { "db": "JVNDB", "id": "JVNDB-2014-007553" }, { "db": "PACKETSTORM", "id": "133317" }, { "db": "PACKETSTORM", "id": "130985" }, { "db": "PACKETSTORM", "id": "133316" }, { "db": "PACKETSTORM", "id": "130987" }, { "db": "PACKETSTORM", "id": "129870" }, { "db": "PACKETSTORM", "id": "133325" }, { "db": "PACKETSTORM", "id": "129867" }, { "db": "PACKETSTORM", "id": "130051" }, { "db": "NVD", "id": "CVE-2014-3572" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2015-01-09T00:00:00", "db": "VULMON", "id": "CVE-2014-3572" }, { "date": "2015-01-08T00:00:00", "db": "BID", "id": "71942" }, { "date": "2015-01-13T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-007553" }, { "date": "2015-08-26T01:33:18", "db": "PACKETSTORM", "id": "133317" }, { "date": "2015-03-24T17:03:36", "db": "PACKETSTORM", "id": "130985" }, { "date": "2015-08-26T01:33:07", "db": "PACKETSTORM", "id": "133316" }, { "date": "2015-03-24T17:05:09", "db": "PACKETSTORM", "id": "130987" }, { "date": "2015-01-09T17:43:35", "db": "PACKETSTORM", "id": "129870" }, { "date": "2015-08-26T01:35:08", "db": "PACKETSTORM", "id": "133325" }, { "date": "2015-01-09T02:01:10", "db": "PACKETSTORM", "id": "129867" }, { "date": "2015-01-22T01:35:41", "db": "PACKETSTORM", "id": "130051" }, { "date": "2015-01-09T02:59:02.320000", "db": "NVD", "id": "CVE-2014-3572" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-11-15T00:00:00", "db": "VULMON", "id": "CVE-2014-3572" }, { "date": "2017-01-23T00:09:00", "db": "BID", "id": "71942" }, { "date": "2016-08-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-007553" }, { "date": "2017-11-15T02:29:05.313000", "db": "NVD", "id": "CVE-2014-3572" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "network", "sources": [ { "db": "BID", "id": "71942" } ], "trust": 0.3 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "OpenSSL of s3_clnt.c Inside ssl3_get_key_exchange In function ECDHE-to-ECDH Vulnerabilities that are subject to downgrade attacks", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-007553" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Design Error", "sources": [ { "db": "BID", "id": "71942" } ], "trust": 0.3 } }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.