var-201508-0370
Vulnerability from variot
Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before 7.5.227 and 8.0.x before 8.0.238, as used in the SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv, allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder. Supplementary information : CWE Vulnerability type by CWE-428: Unquoted Search Path or Element ( Unquoted search path or element ) Has been identified. http://cwe.mitre.org/data/definitions/428.htmlBy local users %SYSTEMDRIVE% Permissions may be obtained through the folder Trojan program. Dell SonicWall NetExtender is prone to a remote privilege-escalation vulnerability. Remote attackers can exploit this issue to execute arbitrary code with elevated privileges. Dell SonicWall NetExtender is a SonicWALL network security appliance (NSA) thin client of Dell (Dell), which supports secure connections to remote networks, and can run any application, upload and download files, etc. Dell SonicWall NetExtender Unquoted Autorun Privilege Escalation
Vendor Website : http://www.sonicwall.com
INDEX
1. CVE
2. Background
3. Description
4. Affected Products
5. Solution
6. Credit
7. Disclosure Timeline
1. CVE
CVE: 2015-4173
2. BACKGROUND
SonicWALL NetExtender is a transparent software application for users that enables remote users to securely connect to the remote network. With NetExtender, remote users can securely run any application on the remote network. Users can upload and download files, mount network drives, and access resources in the same way as if they were on the local network. The NetExtender connection uses a Point-to-Point Protocol (PPP) connection
- Placement of a malicious binary by a potential attacker within the parent path could allow privileged code execution upon administrative login.
4. AFFECTED PRODUCTS
Dell SonicWall NetExtender 7.5.215
5. SOLUTION
Upgrade to firmware version 7.5.1.2 or 8.0.0.3.
6. CREDIT
This vulnerability was discovered by Andrew Smith of Sword & Shield Enterprise Security.
7. DISCLOSURE TIMELINE
5-24-2015 - Vulnerability Discovered/Vendor Informed
5-28-2015 - Vendor Confirmed Report/Vendor Gives Fix Timeline
5-29-2015 - CVE Requested
8-14-2015 - Fix Released and Public Disclosure by Vendor
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201508-0370",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netextender",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "8.0"
},
{
"model": "netextender",
"scope": "lt",
"trust": 1.0,
"vendor": "sonicwall",
"version": "8.0.238"
},
{
"model": "netextender",
"scope": "lt",
"trust": 1.0,
"vendor": "sonicwall",
"version": "7.5.227"
},
{
"model": "sonicwall netextender",
"scope": "eq",
"trust": 0.8,
"vendor": "dell",
"version": "8.0.0.3"
},
{
"model": "sonicwall netextender",
"scope": "lt",
"trust": 0.8,
"vendor": "dell",
"version": "8.x"
},
{
"model": "netextender",
"scope": "eq",
"trust": 0.6,
"vendor": "sonicwall",
"version": "8.0.0.0"
},
{
"model": "netextender",
"scope": "eq",
"trust": 0.6,
"vendor": "sonicwall",
"version": "8.0.0.2"
},
{
"model": "netextender",
"scope": "eq",
"trust": 0.6,
"vendor": "sonicwall",
"version": "8.0.0.1"
},
{
"model": "netextender",
"scope": "eq",
"trust": 0.6,
"vendor": "sonicwall",
"version": "7.5.1.1"
},
{
"model": "sonicwall netextender",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "7.5.215"
},
{
"model": "sonicwall netextender",
"scope": "ne",
"trust": 0.3,
"vendor": "dell",
"version": "8.0.0.3"
},
{
"model": "sonicwall netextender",
"scope": "ne",
"trust": 0.3,
"vendor": "dell",
"version": "7.5.1.2"
}
],
"sources": [
{
"db": "BID",
"id": "76461"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004497"
},
{
"db": "NVD",
"id": "CVE-2015-4173"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-544"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sonicwall:netextender:*:*:*:*:*:windows:*:*",
"cpe_name": [],
"versionEndExcluding": "7.5.227",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sonicwall:netextender:*:*:*:*:*:windows:*:*",
"cpe_name": [],
"versionEndExcluding": "8.0.238",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-4173"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andrew Smith of Sword \u0026 Shield Enterprise Security.",
"sources": [
{
"db": "BID",
"id": "76461"
}
],
"trust": 0.3
},
"cve": "CVE-2015-4173",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.4,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-4173",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-82134",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2015-4173",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-4173",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201508-544",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-82134",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-4173",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-82134"
},
{
"db": "VULMON",
"id": "CVE-2015-4173"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004497"
},
{
"db": "NVD",
"id": "CVE-2015-4173"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-544"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before 7.5.227 and 8.0.x before 8.0.238, as used in the SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv, allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder. Supplementary information : CWE Vulnerability type by CWE-428: Unquoted Search Path or Element ( Unquoted search path or element ) Has been identified. http://cwe.mitre.org/data/definitions/428.htmlBy local users %SYSTEMDRIVE% Permissions may be obtained through the folder Trojan program. Dell SonicWall NetExtender is prone to a remote privilege-escalation vulnerability. \nRemote attackers can exploit this issue to execute arbitrary code with elevated privileges. Dell SonicWall NetExtender is a SonicWALL network security appliance (NSA) thin client of Dell (Dell), which supports secure connections to remote networks, and can run any application, upload and download files, etc. Dell SonicWall NetExtender Unquoted Autorun Privilege Escalation\n\nVendor Website : http://www.sonicwall.com\n\nINDEX\n---------------------------------------\n 1. CVE\n 2. Background\n 3. Description\n 4. Affected Products\n 5. Solution\n 6. Credit\n 7. Disclosure Timeline\n\n1. CVE\n---------------------------------------\n CVE: 2015-4173\n\n\n2. BACKGROUND\n---------------------------------------\n SonicWALL NetExtender is a transparent software application for users that enables remote users to securely connect to the remote network. With NetExtender, remote users can securely run any application on the remote network. Users can upload and download files, mount network drives, and access resources in the same way as if they were on the local network. The NetExtender connection uses a Point-to-Point Protocol (PPP) connection\n\n\n3. Placement of a malicious binary by a potential attacker within the parent path could allow privileged code execution upon administrative login. \n\n\n4. AFFECTED PRODUCTS\n---------------------------------------\n Dell SonicWall NetExtender 7.5.215\n\n\n5. SOLUTION\n---------------------------------------\n Upgrade to firmware version 7.5.1.2 or 8.0.0.3. \n\n\n6. CREDIT\n---------------------------------------\n This vulnerability was discovered by Andrew Smith of Sword \u0026 Shield Enterprise Security. \n\n\n7. DISCLOSURE TIMELINE\n---------------------------------------\n 5-24-2015 - Vulnerability Discovered/Vendor Informed\n 5-28-2015 - Vendor Confirmed Report/Vendor Gives Fix Timeline\n 5-29-2015 - CVE Requested\n 8-14-2015 - Fix Released and Public Disclosure by Vendor\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-4173"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004497"
},
{
"db": "BID",
"id": "76461"
},
{
"db": "VULHUB",
"id": "VHN-82134"
},
{
"db": "VULMON",
"id": "CVE-2015-4173"
},
{
"db": "PACKETSTORM",
"id": "133302"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-4173",
"trust": 3.0
},
{
"db": "PACKETSTORM",
"id": "133302",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1033417",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004497",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201508-544",
"trust": 0.7
},
{
"db": "BID",
"id": "76461",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-82134",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-4173",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-82134"
},
{
"db": "VULMON",
"id": "CVE-2015-4173"
},
{
"db": "BID",
"id": "76461"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004497"
},
{
"db": "PACKETSTORM",
"id": "133302"
},
{
"db": "NVD",
"id": "CVE-2015-4173"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-544"
}
]
},
"id": "VAR-201508-0370",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-82134"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:03:22.579000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Dell SonicWALL Notice Concerning Privilege Escalation Vulnerability in the Windows NetExtender client (CVE-2015-4173)",
"trust": 0.8,
"url": "https://support.software.dell.com/ja-jp/product-notification/157537?productname=sonicwall%20netextender"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.sonicwall.com/japan/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004497"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-428",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-82134"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004497"
},
{
"db": "NVD",
"id": "CVE-2015-4173"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://packetstormsecurity.com/files/133302/dell-sonicwall-netextender-7.5.215-privilege-escalation.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/536303/100/0/threaded"
},
{
"trust": 1.2,
"url": "https://support.software.dell.com/product-notification/157537"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1033417"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4173"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4173"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/536303/100/0/threaded"
},
{
"trust": 0.3,
"url": "https://support.software.dell.com/sonicwall-netextender/windows"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/aug/60"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/428.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4173"
},
{
"trust": 0.1,
"url": "http://www.sonicwall.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-82134"
},
{
"db": "VULMON",
"id": "CVE-2015-4173"
},
{
"db": "BID",
"id": "76461"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004497"
},
{
"db": "PACKETSTORM",
"id": "133302"
},
{
"db": "NVD",
"id": "CVE-2015-4173"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-544"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-82134"
},
{
"db": "VULMON",
"id": "CVE-2015-4173"
},
{
"db": "BID",
"id": "76461"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004497"
},
{
"db": "PACKETSTORM",
"id": "133302"
},
{
"db": "NVD",
"id": "CVE-2015-4173"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-544"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-08-26T00:00:00",
"db": "VULHUB",
"id": "VHN-82134"
},
{
"date": "2015-08-26T00:00:00",
"db": "VULMON",
"id": "CVE-2015-4173"
},
{
"date": "2015-08-24T00:00:00",
"db": "BID",
"id": "76461"
},
{
"date": "2015-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004497"
},
{
"date": "2015-08-25T01:06:02",
"db": "PACKETSTORM",
"id": "133302"
},
{
"date": "2015-08-26T19:59:06.690000",
"db": "NVD",
"id": "CVE-2015-4173"
},
{
"date": "2015-08-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201508-544"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-05T00:00:00",
"db": "VULHUB",
"id": "VHN-82134"
},
{
"date": "2020-08-05T00:00:00",
"db": "VULMON",
"id": "CVE-2015-4173"
},
{
"date": "2015-08-24T00:00:00",
"db": "BID",
"id": "76461"
},
{
"date": "2015-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004497"
},
{
"date": "2020-08-05T15:04:21.490000",
"db": "NVD",
"id": "CVE-2015-4173"
},
{
"date": "2015-08-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201508-544"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201508-544"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dell SonicWall NetExtender Firmware autorun Vulnerability that can be obtained privilege in the value of",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004497"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "76461"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.