var-201608-0193
Vulnerability from variot
Siemens SINEMA Server uses weak permissions for the application folder, which allows local users to gain privileges via unspecified vectors. Authentication is required to exploit this vulnerability.The specific flaw exists within the configuration of the product. The executables for new system services are stored in directories for which all users have full control allowing for new executables to be swapped for the system service executables. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. SINEMA Server is Siemens Industrial Network Management Software. It can quickly diagnose the communication status of industrial Ethernet, industrial switches SCALANCE, PROFINET and CP443-1, CP343-1, ET200 (PN) and other network devices. Allow authenticated system users to escalate privileges under certain conditions. Local attackers can exploit this issue to gain elevated privileges
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201608-0193",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinema server",
"scope": null,
"trust": 2.1,
"vendor": "siemens",
"version": null
},
{
"model": "sinema server",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinema server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v12"
},
{
"model": "sinema server",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v12"
},
{
"model": "sinema server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "12.0"
},
{
"model": "sinema server",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "12.0-"
},
{
"model": "sinema server",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinema server",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "6111775d-5371-436c-8bcc-4bf046090b10"
},
{
"db": "ZDI",
"id": "ZDI-16-478"
},
{
"db": "CNVD",
"id": "CNVD-2016-05875"
},
{
"db": "BID",
"id": "92254"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004392"
},
{
"db": "NVD",
"id": "CVE-2016-6486"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-182"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:sinema_server:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6486"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "rgod",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-478"
}
],
"trust": 0.7
},
"cve": "CVE-2016-6486",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-6486",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 1.5,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2016-05875",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "6111775d-5371-436c-8bcc-4bf046090b10",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-95306",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-6486",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-6486",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2016-6486",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-05875",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201608-182",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "6111775d-5371-436c-8bcc-4bf046090b10",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-95306",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "6111775d-5371-436c-8bcc-4bf046090b10"
},
{
"db": "ZDI",
"id": "ZDI-16-478"
},
{
"db": "CNVD",
"id": "CNVD-2016-05875"
},
{
"db": "VULHUB",
"id": "VHN-95306"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004392"
},
{
"db": "NVD",
"id": "CVE-2016-6486"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-182"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SINEMA Server uses weak permissions for the application folder, which allows local users to gain privileges via unspecified vectors. Authentication is required to exploit this vulnerability.The specific flaw exists within the configuration of the product. The executables for new system services are stored in directories for which all users have full control allowing for new executables to be swapped for the system service executables. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. SINEMA Server is Siemens Industrial Network Management Software. It can quickly diagnose the communication status of industrial Ethernet, industrial switches SCALANCE, PROFINET and CP443-1, CP343-1, ET200 (PN) and other network devices. Allow authenticated system users to escalate privileges under certain conditions. \nLocal attackers can exploit this issue to gain elevated privileges",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6486"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004392"
},
{
"db": "ZDI",
"id": "ZDI-16-478"
},
{
"db": "CNVD",
"id": "CNVD-2016-05875"
},
{
"db": "BID",
"id": "92254"
},
{
"db": "IVD",
"id": "6111775d-5371-436c-8bcc-4bf046090b10"
},
{
"db": "VULHUB",
"id": "VHN-95306"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-6486",
"trust": 4.3
},
{
"db": "ICS CERT",
"id": "ICSA-16-215-02",
"trust": 2.8
},
{
"db": "SIEMENS",
"id": "SSA-321174",
"trust": 2.3
},
{
"db": "ZDI",
"id": "ZDI-16-478",
"trust": 2.1
},
{
"db": "BID",
"id": "92254",
"trust": 1.4
},
{
"db": "CNNVD",
"id": "CNNVD-201608-182",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2016-05875",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004392",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3662",
"trust": 0.7
},
{
"db": "IVD",
"id": "6111775D-5371-436C-8BCC-4BF046090B10",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-95306",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "6111775d-5371-436c-8bcc-4bf046090b10"
},
{
"db": "ZDI",
"id": "ZDI-16-478"
},
{
"db": "CNVD",
"id": "CNVD-2016-05875"
},
{
"db": "VULHUB",
"id": "VHN-95306"
},
{
"db": "BID",
"id": "92254"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004392"
},
{
"db": "NVD",
"id": "CVE-2016-6486"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-182"
}
]
},
"id": "VAR-201608-0193",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "6111775d-5371-436c-8bcc-4bf046090b10"
},
{
"db": "CNVD",
"id": "CNVD-2016-05875"
},
{
"db": "VULHUB",
"id": "VHN-95306"
}
],
"trust": 1.36071428
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "6111775d-5371-436c-8bcc-4bf046090b10"
},
{
"db": "CNVD",
"id": "CNVD-2016-05875"
}
]
},
"last_update_date": "2023-12-18T13:03:17.070000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-321174",
"trust": 0.8,
"url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-321174.pdf"
},
{
"title": "Siemens has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-215-02"
},
{
"title": "Patch for Siemens SINEMA Server Privilege Escalation Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/80056"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-478"
},
{
"db": "CNVD",
"id": "CNVD-2016-05875"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004392"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95306"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004392"
},
{
"db": "NVD",
"id": "CVE-2016-6486"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-215-02"
},
{
"trust": 2.3,
"url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-321174.pdf"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/92254"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-478"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6486"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6486"
},
{
"trust": 0.3,
"url": "http://support.automation.siemens.com/ww/llisapi.dll?func=cslib.csinfo\u0026lang=de\u0026siteid=cseus\u0026aktprim=0\u0026extranet=standard\u0026viewreg=ww\u0026objid=35228013\u0026treelang=de"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-478/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-478"
},
{
"db": "CNVD",
"id": "CNVD-2016-05875"
},
{
"db": "VULHUB",
"id": "VHN-95306"
},
{
"db": "BID",
"id": "92254"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004392"
},
{
"db": "NVD",
"id": "CVE-2016-6486"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-182"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "6111775d-5371-436c-8bcc-4bf046090b10"
},
{
"db": "ZDI",
"id": "ZDI-16-478"
},
{
"db": "CNVD",
"id": "CNVD-2016-05875"
},
{
"db": "VULHUB",
"id": "VHN-95306"
},
{
"db": "BID",
"id": "92254"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004392"
},
{
"db": "NVD",
"id": "CVE-2016-6486"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-182"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-03T00:00:00",
"db": "IVD",
"id": "6111775d-5371-436c-8bcc-4bf046090b10"
},
{
"date": "2016-08-17T00:00:00",
"db": "ZDI",
"id": "ZDI-16-478"
},
{
"date": "2016-08-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-05875"
},
{
"date": "2016-08-08T00:00:00",
"db": "VULHUB",
"id": "VHN-95306"
},
{
"date": "2016-08-02T00:00:00",
"db": "BID",
"id": "92254"
},
{
"date": "2016-08-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004392"
},
{
"date": "2016-08-08T00:59:12.907000",
"db": "NVD",
"id": "CVE-2016-6486"
},
{
"date": "2016-08-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-182"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-17T00:00:00",
"db": "ZDI",
"id": "ZDI-16-478"
},
{
"date": "2016-08-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-05875"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-95306"
},
{
"date": "2016-08-18T13:00:00",
"db": "BID",
"id": "92254"
},
{
"date": "2016-08-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004392"
},
{
"date": "2016-11-28T20:33:19.327000",
"db": "NVD",
"id": "CVE-2016-6486"
},
{
"date": "2016-08-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-182"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "92254"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-182"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SINEMA Server privilege acquisition vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004392"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-182"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.