var-201609-0031
Vulnerability from variot

The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c. OpenSSL is prone to multiple denial-of-service vulnerabilities. An attacker can exploit these issues to cause a denial-of-service condition. Versions prior to OpenSSL 1.1.0 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

===================================================================== Red Hat Security Advisory

Synopsis: Important: openssl security update Advisory ID: RHSA-2016:1940-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html Issue date: 2016-09-27 CVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 =====================================================================

  1. Summary:

An update for openssl is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

  1. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

  1. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-2178)

  • It was discovered that the Datagram TLS (DTLS) implementation could fail to release memory in certain cases. A malicious DTLS client could cause a DTLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory. A remote attacker could possibly use this flaw to make a DTLS server using OpenSSL to reject further packets sent from a DTLS client over an established DTLS connection. (CVE-2016-2181)

  • An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec() function. (CVE-2016-2182)

  • A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)

This update mitigates the CVE-2016-2183 issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.

  • An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. (CVE-2016-6302)

  • Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)

  • An out of bounds read flaw was found in the way OpenSSL formatted Public Key Infrastructure Time-Stamp Protocol data for printing. An attacker could possibly cause an application using OpenSSL to crash if it printed time stamp data from the attacker. A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL. (CVE-2016-6306)

Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183.

  1. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

  1. Bugs fixed (https://bugzilla.redhat.com/):

1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase 1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation 1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio() 1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec() 1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection 1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) 1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer 1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks 1377594 - CVE-2016-6306 openssl: certificate message OOB reads 1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth

  1. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source: openssl-1.0.1e-48.el6_8.3.src.rpm

i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm

x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm

x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source: openssl-1.0.1e-48.el6_8.3.src.rpm

x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source: openssl-1.0.1e-48.el6_8.3.src.rpm

i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm

ppc64: openssl-1.0.1e-48.el6_8.3.ppc.rpm openssl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm

s390x: openssl-1.0.1e-48.el6_8.3.s390.rpm openssl-1.0.1e-48.el6_8.3.s390x.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-devel-1.0.1e-48.el6_8.3.s390.rpm openssl-devel-1.0.1e-48.el6_8.3.s390x.rpm

x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm

ppc64: openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-static-1.0.1e-48.el6_8.3.ppc64.rpm

s390x: openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-perl-1.0.1e-48.el6_8.3.s390x.rpm openssl-static-1.0.1e-48.el6_8.3.s390x.rpm

x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source: openssl-1.0.1e-48.el6_8.3.src.rpm

i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm

x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm

x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm

Red Hat Enterprise Linux Client (v. 7):

Source: openssl-1.0.1e-51.el7_2.7.src.rpm

x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source: openssl-1.0.1e-51.el7_2.7.src.rpm

x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source: openssl-1.0.1e-51.el7_2.7.src.rpm

ppc64: openssl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm

ppc64le: openssl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm

s390x: openssl-1.0.1e-51.el7_2.7.s390x.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-devel-1.0.1e-51.el7_2.7.s390.rpm openssl-devel-1.0.1e-51.el7_2.7.s390x.rpm openssl-libs-1.0.1e-51.el7_2.7.s390.rpm openssl-libs-1.0.1e-51.el7_2.7.s390x.rpm

x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-static-1.0.1e-51.el7_2.7.ppc.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64.rpm

ppc64le: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm

s390x: openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-perl-1.0.1e-51.el7_2.7.s390x.rpm openssl-static-1.0.1e-51.el7_2.7.s390.rpm openssl-static-1.0.1e-51.el7_2.7.s390x.rpm

x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source: openssl-1.0.1e-51.el7_2.7.src.rpm

x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

  1. References:

https://access.redhat.com/security/cve/CVE-2016-2177 https://access.redhat.com/security/cve/CVE-2016-2178 https://access.redhat.com/security/cve/CVE-2016-2179 https://access.redhat.com/security/cve/CVE-2016-2180 https://access.redhat.com/security/cve/CVE-2016-2181 https://access.redhat.com/security/cve/CVE-2016-2182 https://access.redhat.com/security/cve/CVE-2016-6302 https://access.redhat.com/security/cve/CVE-2016-6304 https://access.redhat.com/security/cve/CVE-2016-6306 https://access.redhat.com/security/updates/classification/#important https://www.openssl.org/news/secadv/20160922.txt

  1. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI xpTW7ApBLmKhVjs49DGYouI= =4VgY -----END PGP SIGNATURE-----

-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/

CVE-2016-2178

Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing
leak in the DSA code.

CVE-2016-2179 / CVE-2016-2181

Quan Luo and the OCAP audit team discovered denial of service
vulnerabilities in DTLS.

For the stable distribution (jessie), these problems have been fixed in version 1.0.1t-1+deb8u4.

For the unstable distribution (sid), these problems will be fixed soon. ========================================================================== Ubuntu Security Notice USN-3087-2 September 23, 2016

openssl regression

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary:

USN-3087-1 introduced a regression in OpenSSL. The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem.

We apologize for the inconvenience. This issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178) Quan Luo discovered that OpenSSL did not properly restrict the lifetime of queue entries in the DTLS implementation. (CVE-2016-2181) Shi Lei discovered that OpenSSL incorrectly validated division results. (CVE-2016-2182) Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. (CVE-2016-2183) Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303) Shi Lei discovered that OpenSSL incorrectly performed certain message length checks. (CVE-2016-6306)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS: libssl1.0.0 1.0.2g-1ubuntu4.5

Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.21

Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.38

After a standard system update you need to reboot your computer to make all the necessary changes. OpenSSL Security Advisory [22 Sep 2016] ========================================

OCSP Status Request extension unbounded memory growth (CVE-2016-6304)

Severity: High

A malicious client can send an excessively large OCSP Status Request extension. If that client continually requests renegotiation, sending a large OCSP Status Request extension each time, then there will be unbounded memory growth on the server. This will eventually lead to a Denial Of Service attack through memory exhaustion. Servers with a default configuration are vulnerable even if they do not support OCSP. Builds using the "no-ocsp" build time option are not affected.

Servers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default configuration, instead only if an application explicitly enables OCSP stapling support.

OpenSSL 1.1.0 users should upgrade to 1.1.0a OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

This issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.

SSL_peek() hang on empty record (CVE-2016-6305)

Severity: Moderate

OpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an empty record. This could be exploited by a malicious peer in a Denial Of Service attack.

OpenSSL 1.1.0 users should upgrade to 1.1.0a

This issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The fix was developed by Matt Caswell of the OpenSSL development team.

SWEET32 Mitigation (CVE-2016-2183)

Severity: Low

SWEET32 (https://sweet32.info) is an attack on older block cipher algorithms that use a block size of 64 bits. In mitigation for the SWEET32 attack DES based ciphersuites have been moved from the HIGH cipherstring group to MEDIUM in OpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these ciphersuites disabled by default.

OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

This issue was reported to OpenSSL on 16th August 2016 by Karthikeyan Bhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the OpenSSL development team.

OOB write in MDC2_Update() (CVE-2016-6303)

Severity: Low

An overflow can occur in MDC2_Update() either if called directly or through the EVP_DigestUpdate() function using MDC2. If an attacker is able to supply very large amounts of input data after a previous call to EVP_EncryptUpdate() with a partial block then a length check can overflow resulting in a heap corruption.

The amount of data needed is comparable to SIZE_MAX which is impractical on most platforms.

OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

This issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.

Malformed SHA512 ticket DoS (CVE-2016-6302)

Severity: Low

If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a DoS attack where a malformed ticket will result in an OOB read which will ultimately crash.

The use of SHA512 in TLS session tickets is comparatively rare as it requires a custom server callback and ticket lookup mechanism.

OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

This issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.

OOB write in BN_bn2dec() (CVE-2016-2182)

Severity: Low

The function BN_bn2dec() does not check the return value of BN_div_word(). This can cause an OOB write if an application uses this function with an overly large BIGNUM. This could be a problem if an overly large certificate or CRL is printed out from an untrusted source. TLS is not affected because record limits will reject an oversized certificate before it is parsed.

OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

This issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.

OOB read in TS_OBJ_print_bio() (CVE-2016-2180)

Severity: Low

The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is the total length the OID text representation would use and not the amount of data written. This will result in OOB reads when large OIDs are presented.

OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

This issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.

Pointer arithmetic undefined behaviour (CVE-2016-2177)

Severity: Low

Avoid some undefined pointer arithmetic

A common idiom in the codebase is to check limits in the following manner: "p + len > limit"

Where "p" points to some malloc'd data of SIZE bytes and limit == p + SIZE

"len" here could be from some externally supplied data (e.g. from a TLS message).

The rules of C pointer arithmetic are such that "p + len" is only well defined where len <= SIZE. Therefore the above idiom is actually undefined behaviour.

For example this could cause problems if some malloc implementation provides an address for "p" such that "p + len" actually overflows for values of len that are too big and therefore p + len < limit.

OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

This issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.

Constant time flag not preserved in DSA signing (CVE-2016-2178)

Severity: Low

Operations in the DSA signing algorithm should run in constant time in order to avoid side channel attacks. A flaw in the OpenSSL DSA implementation means that a non-constant time codepath is followed for certain operations. This has been demonstrated through a cache-timing attack to be sufficient for an attacker to recover the private DSA key.

OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

This issue was reported to OpenSSL on 23rd May 2016 by César Pereida (Aalto University), Billy Brumley (Tampere University of Technology), and Yuval Yarom (The University of Adelaide and NICTA). The fix was developed by César Pereida.

DTLS buffered message DoS (CVE-2016-2179)

Severity: Low

In a DTLS connection where handshake messages are delivered out-of-order those messages that OpenSSL is not yet ready to process will be buffered for later use. Under certain circumstances, a flaw in the logic means that those messages do not get removed from the buffer even though the handshake has been completed. An attacker could force up to approx. 15 messages to remain in the buffer when they are no longer required. These messages will be cleared when the DTLS connection is closed. The default maximum size for a message is 100k. Therefore the attacker could force an additional 1500k to be consumed per connection. By opening many simulataneous connections an attacker could cause a DoS attack through memory exhaustion.

OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u

This issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was developed by Matt Caswell of the OpenSSL development team.

DTLS replay protection DoS (CVE-2016-2181)

Severity: Low

A flaw in the DTLS replay attack protection mechanism means that records that arrive for future epochs update the replay protection "window" before the MAC for the record has been validated. This could be exploited by an attacker by sending a record for the next epoch (which does not have to decrypt or have a valid MAC), with a very large sequence number. This means that all subsequent legitimate packets are dropped causing a denial of service for a specific DTLS connection.

OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u

This issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. The fix was developed by Matt Caswell of the OpenSSL development team.

Certificate message OOB reads (CVE-2016-6306)

Severity: Low

In OpenSSL 1.0.2 and earlier some missing message length checks can result in OOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical DoS risk but this has not been observed in practice on common platforms.

The messages affected are client certificate, client certificate request and server certificate. As a result the attack can only be performed against a client or a server which enables client authentication.

OpenSSL 1.1.0 is not affected.

OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

This issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.

Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307)

Severity: Low

A TLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:

1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.

Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.

This issue does not affect DTLS users.

OpenSSL 1.1.0 TLS users should upgrade to 1.1.0a

This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.

Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)

Severity: Low

This issue is very similar to CVE-2016-6307. The underlying defect is different but the security analysis and impacts are the same except that it impacts DTLS.

A DTLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:

1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.

Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.

This issue does not affect TLS users.

OpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a

This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.

Note

As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade.

Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates.

References

URL for this Security Advisory: https://www.openssl.org/news/secadv/20160922.txt

Note: the online version of the advisory may be updated with additional details over time.

For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201609-0031",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "openssl",
        "version": "1.0.1"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "openssl",
        "version": "1.0.1e"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "openssl",
        "version": "1.0.1i"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "openssl",
        "version": "1.0.1b"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "openssl",
        "version": "1.0.1g"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "openssl",
        "version": "1.0.1c"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "openssl",
        "version": "1.0.1d"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "openssl",
        "version": "1.0.1a"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "openssl",
        "version": "1.0.1h"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "openssl",
        "version": "1.0.1f"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1j"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1q"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "7"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.2f"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "6"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.2a"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1m"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.2e"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1s"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1l"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1t"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.2c"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.2h"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.2g"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1r"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.2b"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1p"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.2"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1k"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1o"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.2d"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1n"
      },
      {
        "model": "openssl",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "openssl",
        "version": "1.1.0"
      },
      {
        "model": "capssuite",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "v3.0 to  v4.0"
      },
      {
        "model": "enterpriseidentitymanager",
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "model": "esmpro/serveragentservice",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "(linux edition )"
      },
      {
        "model": "express5800",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "sg3600 all series"
      },
      {
        "model": "ix1000 series",
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "model": "ix2000 series",
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "model": "ix3000 series",
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "model": "secureware/pki application development kit",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "ver3.2"
      },
      {
        "model": "webotx application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "enterprise v8.2 to  v9.4"
      },
      {
        "model": "webotx application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "express v8.2 to  v9.4"
      },
      {
        "model": "webotx application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "foundation v8.2 to  v8.5"
      },
      {
        "model": "webotx application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "standard v8.2 to  v9.4"
      },
      {
        "model": "webotx enterprise service bus",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "v8.2 to  v8.5"
      },
      {
        "model": "webotx portal",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "v8.2 to  v9.1"
      },
      {
        "model": "stealthwatch udp director",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "cloud web security",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "project openssl 0.9.8m",
        "scope": null,
        "trust": 0.6,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "paging server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "project openssl 0.9.8n",
        "scope": null,
        "trust": 0.6,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "project openssl 1.0.0a",
        "scope": null,
        "trust": 0.6,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "project openssl 0.9.8o",
        "scope": null,
        "trust": 0.6,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "webex centers t32",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "video surveillance series ip cameras",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "30000"
      },
      {
        "model": "sterling connect:express for unix ifix",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.5.0.13150-13"
      },
      {
        "model": "clean access manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified contact center enterprise live data server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "-0"
      },
      {
        "model": "nexus series blade switches 4.1 e1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4000"
      },
      {
        "model": "sterling connect:express for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.5.0.9"
      },
      {
        "model": "telepresence content server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "proactive network operations center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "project openssl 0.9.8f",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "commerce guided search",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.5"
      },
      {
        "model": "project openssl 1.0.2i",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6"
      },
      {
        "model": "unified ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "69010"
      },
      {
        "model": "anyconnect secure mobility client for linux",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0.7"
      },
      {
        "model": "ucs central software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "video surveillance media server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "project openssl 1.0.0d",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "sterling connect:express for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.5.0.13"
      },
      {
        "model": "stealthwatch management console",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "project openssl 1.0.1e",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "tivoli provisioning manager for os deployment 5.1.fix pack",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3"
      },
      {
        "model": "ios and cisco ios xe software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "16.2"
      },
      {
        "model": "anyconnect secure mobility client for android",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0.7"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.5"
      },
      {
        "model": "project openssl 1.0.2g",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "project openssl 0.9.8u",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openssl",
        "version": "0"
      },
      {
        "model": "jabber software development kit",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.8"
      },
      {
        "model": "project openssl 1.0.1a",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "computer telephony integration object server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified workforce optimization",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "industrial router 1.2.1rb4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "910"
      },
      {
        "model": "nexus intercloud for vmware",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1000v0"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6"
      },
      {
        "model": "powerkvm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3.1"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.7.14"
      },
      {
        "model": "ip interoperability and collaboration system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "project openssl k",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openssl",
        "version": "0.9.8"
      },
      {
        "model": "asr series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "50000"
      },
      {
        "model": "edge digital media player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3400"
      },
      {
        "model": "project openssl 1.0.0g",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "nexus series switches standalone nx-os mode",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9000-0"
      },
      {
        "model": "unified contact center enterprise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "security network protection",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.3.1"
      },
      {
        "model": "nexus series switches standalone nx-os mode 7.0 i5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9000-"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.11"
      },
      {
        "model": "intelligent automation for cloud",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "nexus series switches 5.2.8",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7000"
      },
      {
        "model": "anyconnect secure mobility client for desktop platforms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.26"
      },
      {
        "model": "cognos business intelligence server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "10.1.1"
      },
      {
        "model": "smartcloud entry appliance fi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.0.4"
      },
      {
        "model": "jabber guest",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "prime license manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "video surveillance ptz ip cameras",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.9"
      },
      {
        "model": "series digital media players 5.3.6 rb3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4300"
      },
      {
        "model": "stealthwatch flowcollector sflow",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "visual quality experience server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.7.11"
      },
      {
        "model": "commerce guided search",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.2.2"
      },
      {
        "model": "jd edwards enterpriseone tools",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "9.2.1.1"
      },
      {
        "model": "video surveillance series ip cameras",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "60002.9"
      },
      {
        "model": "content security management appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "prime collaboration provisioning",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.6"
      },
      {
        "model": "agent for openflow",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "commerce experience manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.3"
      },
      {
        "model": "anyconnect secure mobility client for desktop platforms",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.4"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.8"
      },
      {
        "model": "ons series multiservice provisioning platforms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "154540"
      },
      {
        "model": "rational insight",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.1"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.15"
      },
      {
        "model": "telepresence sx series ce8.2.2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "prime collaboration assurance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "asa next-generation firewall services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "email security appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "10.0.1"
      },
      {
        "model": "project openssl 0.9.8w",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "telepresence server on multiparty media",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8200"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.7.9"
      },
      {
        "model": "unified communications manager im \u0026 presence service (formerly c",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "ios and cisco ios xe software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "16.3"
      },
      {
        "model": "webex meetings for blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "security network protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.1.5"
      },
      {
        "model": "lancope stealthwatch flowcollector sflow",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "project openssl 1.0.1g",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "infinity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pexip",
        "version": "9"
      },
      {
        "model": "infinity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pexip",
        "version": "10.1"
      },
      {
        "model": "prime lan management solution",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "wide area application services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "infinity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pexip",
        "version": "10.2"
      },
      {
        "model": "security virtual server protection for vmware",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.0.1"
      },
      {
        "model": "infinity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pexip",
        "version": "10"
      },
      {
        "model": "firesight system software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.0.1.3"
      },
      {
        "model": "anyconnect secure mobility client for mac os",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "x4.0.7"
      },
      {
        "model": "common services platform collector",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.11"
      },
      {
        "model": "cognos business intelligence server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "10.2.1"
      },
      {
        "model": "partner support service",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.0"
      },
      {
        "model": "media services interface",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "nexus intercloud",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1000v0"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.9"
      },
      {
        "model": "project openssl 1.0.1i",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "prime collaboration assurance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.6"
      },
      {
        "model": "jabber for iphone and ipad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0"
      },
      {
        "model": "email gateway 7.6.2h968406",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "unified attendant console advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "common services platform collector",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "anyconnect secure mobility client for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence mx series ce8.2.2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "tivoli provisioning manager for os deployment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1"
      },
      {
        "model": "webex meetings client on-premises",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "-0"
      },
      {
        "model": "unified wireless ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "project openssl 1.0.1s",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "unified intelligence center",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.6(1)"
      },
      {
        "model": "services provisioning platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "ucs b-series blade servers",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.1.3"
      },
      {
        "model": "nac appliance clean access manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "-0"
      },
      {
        "model": "project openssl",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openssl",
        "version": "1.0"
      },
      {
        "model": "sterling connect:express for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.4.6"
      },
      {
        "model": "telepresence system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "10000"
      },
      {
        "model": "aix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.2"
      },
      {
        "model": "tivoli provisioning manager for os deployment build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.1.20290.1"
      },
      {
        "model": "jabber for android",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "asa next-generation firewall services",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.1.2"
      },
      {
        "model": "mobilefirst platform foundation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.3.0.0"
      },
      {
        "model": "unified sip proxy",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.405"
      },
      {
        "model": "unified attendant console premium edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "api gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "11.1.2.4.0"
      },
      {
        "model": "commerce experience manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.5"
      },
      {
        "model": "services provisioning platform sfp1.1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "project openssl 0.9.8r",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "small business spa300 series ip phones",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.8"
      },
      {
        "model": "mediasense",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "mysql workbench",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.1.5"
      },
      {
        "model": "video surveillance series high-definition ip cameras",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "40000"
      },
      {
        "model": "jabber for android",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.8"
      },
      {
        "model": "anyconnect secure mobility client for desktop platforms",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.3.4"
      },
      {
        "model": "infinity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pexip",
        "version": "12"
      },
      {
        "model": "video surveillance series ip cameras",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "30002.9"
      },
      {
        "model": "series digital media players 5.3.6 rb3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4400"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.20"
      },
      {
        "model": "project openssl 1.0.1r",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "mysql workbench",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.3.8"
      },
      {
        "model": "project openssl 0.9.8y",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "cognos metrics manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "10.2"
      },
      {
        "model": "stealthwatch identity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "aironet series access points",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "270016.2"
      },
      {
        "model": "application policy infrastructure controller",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.2(1)"
      },
      {
        "model": "general parallel file system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3.5.0"
      },
      {
        "model": "aironet series access points",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "270016.1"
      },
      {
        "model": "unified workforce optimization quality management solution 11.5 su1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "show and share",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence system ex series tc7.3.7",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "universal small cell iuh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.2"
      },
      {
        "model": "rrdi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.0.5"
      },
      {
        "model": "infinity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pexip",
        "version": "11.1"
      },
      {
        "model": "tivoli provisioning manager for images",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.1.19"
      },
      {
        "model": "ucs director",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "tivoli provisioning manager for images build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.1.20280.6"
      },
      {
        "model": "infinity",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "pexip",
        "version": "13"
      },
      {
        "model": "jabber client framework components",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.8"
      },
      {
        "model": "project openssl 0.9.8p",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "telepresence isdn link",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence profile series tc7.3.7",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "webex meetings client on-premises t32",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "dcm series d9900 digital content manager",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "nexus series switches",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "70006.2.19"
      },
      {
        "model": "commerce guided search",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.5.1"
      },
      {
        "model": "unified attendant console business edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "nexus series switches",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "30000"
      },
      {
        "model": "aironet series access points",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "270016.4"
      },
      {
        "model": "peoplesoft enterprise peopletools",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "8.54"
      },
      {
        "model": "powerkvm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.1"
      },
      {
        "model": "enterprise manager ops center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "12.1.4"
      },
      {
        "model": "mds series multilayer switches",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "90000"
      },
      {
        "model": "prime network services controller 1.01u",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "oss support tools",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "8.9.15.9.8"
      },
      {
        "model": "firesight system software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.4.0.10"
      },
      {
        "model": "worklight consumer edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.1.0.0"
      },
      {
        "model": "universal small cell series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "50000"
      },
      {
        "model": "nexus series switches 5.2 sv3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1000v"
      },
      {
        "model": "telepresence system tx1310",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified communications domain manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence server on multiparty media and",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3103204.4"
      },
      {
        "model": "rrdi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.0.2"
      },
      {
        "model": "rational insight",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.1.4"
      },
      {
        "model": "tivoli provisioning manager for os deployment build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1.1051.08"
      },
      {
        "model": "security network protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.1.10"
      },
      {
        "model": "project openssl 1.0.2h",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "nac guest server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "enterprise content delivery system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "security network protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.1"
      },
      {
        "model": "cognos business intelligence server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "10.2.11"
      },
      {
        "model": "anyconnect secure mobility client for linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "security network protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.1.1"
      },
      {
        "model": "telepresence system ex series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "prime collaboration deployment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "webex business suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "dx series ip phones",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "ios and cisco ios xe software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "15.5(3)"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.18"
      },
      {
        "model": "anyconnect secure mobility client for android",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "nexus series blade switches",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "40000"
      },
      {
        "model": "project openssl 0.9.8q",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "sterling connect:express for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.5.0.11"
      },
      {
        "model": "telepresence system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "500-376.1"
      },
      {
        "model": "jabber for windows",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.8"
      },
      {
        "model": "telepresence profile series ce8.2.2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "enterprise manager base platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "13.1.0.0"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.10"
      },
      {
        "model": "ace30 application control engine module",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "vm virtualbox",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.28"
      },
      {
        "model": "edge digital media player 1.6rb5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "300"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.7.12"
      },
      {
        "model": "unified ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "69450"
      },
      {
        "model": "telepresence isdn gateway mse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "83210"
      },
      {
        "model": "wireless lan controller",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.4"
      },
      {
        "model": "jabber software development kit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "uc integration for microsoft lync",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.6.3"
      },
      {
        "model": "unified contact center enterprise",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.6.1"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.404"
      },
      {
        "model": "telepresence system tx1310",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.1"
      },
      {
        "model": "spa112 2-port phone adapter",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.4.2"
      },
      {
        "model": "tivoli provisioning manager for os deployment build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1.151.05"
      },
      {
        "model": "connected grid routers",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.3"
      },
      {
        "model": "transportation management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.2"
      },
      {
        "model": "commerce experience manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.4.1.2"
      },
      {
        "model": "i",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.3"
      },
      {
        "model": "enterprise manager base platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "12.1"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.33"
      },
      {
        "model": "telepresence mx series tc7.3.7",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ip interoperability and collaboration system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0(1)"
      },
      {
        "model": "project openssl 1.0.1c",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "spa122 analog telephone adapter with router",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "universal small cell series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "50003.5.12.23"
      },
      {
        "model": "universal small cell series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "50003.4.2.0"
      },
      {
        "model": "connected grid routers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "uc integration for microsoft lync",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "security guardium",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "10.0.1"
      },
      {
        "model": "project openssl",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openssl",
        "version": "0.9.8v"
      },
      {
        "model": "project openssl 1.0.1f",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.401"
      },
      {
        "model": "project openssl 1.0.2a",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "security network protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.1.8"
      },
      {
        "model": "unity express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.7"
      },
      {
        "model": "project openssl 1.0.2f",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.21"
      },
      {
        "model": "telepresence system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "13000"
      },
      {
        "model": "worklight enterprise edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.1.0.0"
      },
      {
        "model": "tivoli provisioning manager for images",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.1.0"
      },
      {
        "model": "tandberg codian isdn gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "email gateway 7.6.405h1165239",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "jabber guest",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11"
      },
      {
        "model": "project openssl 0.9.8g",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.9"
      },
      {
        "model": "business intelligence enterprise edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "11.1.1.9.0"
      },
      {
        "model": "digital media manager 5.3.6 rb3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "series digital media players",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "44000"
      },
      {
        "model": "ata series analog terminal adaptors",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1901.3"
      },
      {
        "model": "prime network services controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "ata series analog terminal adaptors",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1900"
      },
      {
        "model": "asr series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "500021.2"
      },
      {
        "model": "project openssl 1.0.1t",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "telepresence system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "500-37"
      },
      {
        "model": "ons series multiservice provisioning platforms",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1545410.7"
      },
      {
        "model": "sterling connect:express for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.5.0.12"
      },
      {
        "model": "telepresence system series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "30000"
      },
      {
        "model": "cognos metrics manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "10.1.1"
      },
      {
        "model": "broadband access center telco and wireless",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "tivoli provisioning manager for os deployment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.1.19"
      },
      {
        "model": "security network protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.2.3"
      },
      {
        "model": "worklight consumer edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.1.0.2"
      },
      {
        "model": "hosted collaboration mediation fulfillment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified communications manager session management edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.19"
      },
      {
        "model": "smartcloud entry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.4.0"
      },
      {
        "model": "project openssl",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openssl",
        "version": "1.0.2"
      },
      {
        "model": "security guardium",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "10.1.2"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.25"
      },
      {
        "model": "mobilefirst platform foundation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.0.0"
      },
      {
        "model": "webex meetings server multimedia platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "-0"
      },
      {
        "model": "unified ip conference phone 10.3.1sr4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8831"
      },
      {
        "model": "nexus series switches",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "70000"
      },
      {
        "model": "rational insight",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.1.7"
      },
      {
        "model": "prime network registrar",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.3.5"
      },
      {
        "model": "project openssl 1.0.2d",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "series stackable managed switches",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5000"
      },
      {
        "model": "prime access registrar",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "onepk all-in-one vm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified intelligent contact management enterprise",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.6.1"
      },
      {
        "model": "stealthwatch flowcollector netflow",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.3.2"
      },
      {
        "model": "ucs manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "rrdi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.0.1"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.11"
      },
      {
        "model": "prime optical",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "webex meetings server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.0"
      },
      {
        "model": "network analysis module",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.2(2)"
      },
      {
        "model": "series stackable",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5000"
      },
      {
        "model": "video surveillance 4300e and 4500e high-definition ip cameras",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified attendant console department edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "ip series phones",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "78000"
      },
      {
        "model": "aironet series access points",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "27000"
      },
      {
        "model": "onepk all-in-one virtual machine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "industrial router",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9100"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.1"
      },
      {
        "model": "unified intelligence center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "security network protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.2"
      },
      {
        "model": "aix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.1"
      },
      {
        "model": "infinity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pexip",
        "version": "11"
      },
      {
        "model": "video distribution suite for internet streaming",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "13006.1"
      },
      {
        "model": "tivoli provisioning manager for os deployment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1.116"
      },
      {
        "model": "cloupia unified infrastructure controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "project openssl 0.9.8l",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "nexus series switches",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "50000"
      },
      {
        "model": "telepresence system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11006.1"
      },
      {
        "model": "agent desktop for cisco unified contact center express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "packaged contact center enterprise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "mobilefirst platform foundation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.0.0"
      },
      {
        "model": "smartcloud entry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3.1"
      },
      {
        "model": "video surveillance series ip cameras",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "70000"
      },
      {
        "model": "adaptive security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "secure global desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.2"
      },
      {
        "model": "telepresence sx series tc7.3.7",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "project openssl 1.0.1u",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "cognos metrics manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "10.2.1"
      },
      {
        "model": "telepresence system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "30000"
      },
      {
        "model": "project openssl 1.0.1n",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "nac appliance clean access server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "-0"
      },
      {
        "model": "project openssl 1.0.1o",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "video surveillance series ip cameras",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "60000"
      },
      {
        "model": "firesight system software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.1.0.1"
      },
      {
        "model": "webex meetings for windows phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "80"
      },
      {
        "model": "spa232d multi-line dect analog telephone adapter",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "prime optical for service providers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "smart care",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "infinity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pexip",
        "version": "8"
      },
      {
        "model": "security network protection",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.1.11"
      },
      {
        "model": "project openssl 1.0.0i",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "universal small cell cloudbase factory recovery root filesystem",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.99.4"
      },
      {
        "model": "edge digital media player 1.2rb1.0.3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "340"
      },
      {
        "model": "network performance analysis",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "nexus series switches",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "60006.2.19"
      },
      {
        "model": "peoplesoft enterprise peopletools",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "8.55"
      },
      {
        "model": "unified ip conference phone for third-party call control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "88310"
      },
      {
        "model": "rrdi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.0"
      },
      {
        "model": "project openssl 1.0.2e",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "webex meetings for windows phone",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "82.8"
      },
      {
        "model": "security guardium",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "10.1"
      },
      {
        "model": "project openssl 1.0.1q",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "universal small cell cloudbase factory recovery root filesystem",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.7.7"
      },
      {
        "model": "smartcloud entry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.3.0"
      },
      {
        "model": "secure access control system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.8.0.32.7"
      },
      {
        "model": "telepresence integrator c series ce8.2.2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "agent desktop",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "tivoli provisioning manager for os deployment intirim fix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.133"
      },
      {
        "model": "secure global desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.3"
      },
      {
        "model": "cognos business intelligence server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "10.2.2"
      },
      {
        "model": "webex meetings client hosted",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "-0"
      },
      {
        "model": "rational insight",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.13"
      },
      {
        "model": "content security management appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.1.140"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.7.8"
      },
      {
        "model": "security virtual server protection for vmware",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1"
      },
      {
        "model": "rrdi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.0"
      },
      {
        "model": "nexus series switches 5.2.8",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6000"
      },
      {
        "model": "intrusion prevention system solutions",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified ip conference phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "88310"
      },
      {
        "model": "project openssl 1.0.0e",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "security network protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.2.1"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.14"
      },
      {
        "model": "smartcloud entry appliance fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3.1.0.4"
      },
      {
        "model": "jabber client framework components",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "prime ip express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified sip proxy software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "10"
      },
      {
        "model": "telepresence system tx9000",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "aix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3"
      },
      {
        "model": "mysql workbench",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.1.4"
      },
      {
        "model": "security manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "jabber for mac",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.8"
      },
      {
        "model": "netflow generation appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.403"
      },
      {
        "model": "project openssl",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openssl",
        "version": "0.9.8x"
      },
      {
        "model": "unified sip proxy software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.1.4.7895"
      },
      {
        "model": "unified ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "99510"
      },
      {
        "model": "mobility services engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "89450"
      },
      {
        "model": "telepresence supervisor mse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "80500"
      },
      {
        "model": "tivoli provisioning manager for os deployment build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.1.20280.6"
      },
      {
        "model": "telepresence server and mse",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "701087104.4"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.10"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.6"
      },
      {
        "model": "rational insight",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.12"
      },
      {
        "model": "ucs series and series fabric interconnects",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "620063000"
      },
      {
        "model": "commerce experience manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.2.2"
      },
      {
        "model": "webex meeting center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "rational insight",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.11"
      },
      {
        "model": "rrdi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.0.4"
      },
      {
        "model": "project openssl 0.9.8t",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "lotus protector for mail security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.8.3.0"
      },
      {
        "model": "netflow generation appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.1(1)"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.13"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.7.6"
      },
      {
        "model": "commerce guided search",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.5.2"
      },
      {
        "model": "security network protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.2.2"
      },
      {
        "model": "secure global desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "4.71"
      },
      {
        "model": "socialminer",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "powerkvm update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.1.1.3-6513"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.28"
      },
      {
        "model": "project openssl 1.0.0c",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "webex meetings server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.0"
      },
      {
        "model": "spa112 2-port phone adapter",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "video surveillance series high-definition ip cameras",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "40002.9"
      },
      {
        "model": "intracer",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.29"
      },
      {
        "model": "tivoli provisioning manager for os deployment build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1.1051.07"
      },
      {
        "model": "rrdi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.0.3"
      },
      {
        "model": "spa51x ip phones",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "jabber for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "oss support tools",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "8.8.15.7.15"
      },
      {
        "model": "transportation management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.1"
      },
      {
        "model": "business intelligence enterprise edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "12.2.1.3.0"
      },
      {
        "model": "prime infrastructure",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.2"
      },
      {
        "model": "telepresence video communication server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "infinity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pexip",
        "version": "9.1"
      },
      {
        "model": "video surveillance 4300e and 4500e high-definition ip cameras",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.9"
      },
      {
        "model": "powerkvm update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3.1.0.23"
      },
      {
        "model": "computer telephony integration object server",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.6.1"
      },
      {
        "model": "telepresence system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11000"
      },
      {
        "model": "centos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "centos",
        "version": "7"
      },
      {
        "model": "telepresence sx series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence server on multiparty media and",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3103200"
      },
      {
        "model": "small business series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3000"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.24"
      },
      {
        "model": "content security appliance update servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified attendant console",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "project openssl 1.0.0f",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "rational insight",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1"
      },
      {
        "model": "unified ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "99710"
      },
      {
        "model": "videoscape anyres live",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.7.2"
      },
      {
        "model": "security network protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.1.6"
      },
      {
        "model": "security guardium",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "10.0"
      },
      {
        "model": "tivoli provisioning manager for os deployment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1.0.2"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.4"
      },
      {
        "model": "firesight system software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.4.1.9"
      },
      {
        "model": "universal small cell iuh",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.17.3"
      },
      {
        "model": "ata analog telephone adaptor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1870"
      },
      {
        "model": "project openssl 1.0.0j",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "project openssl 1.0.0b",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.7.2"
      },
      {
        "model": "project openssl 1.0.1m",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "ios and cisco ios xe software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "16.4"
      },
      {
        "model": "telepresence system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "500-326.1"
      },
      {
        "model": "unity express",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "10"
      },
      {
        "model": "expressway series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "virtualization experience media edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.8"
      },
      {
        "model": "vm virtualbox",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.1.8"
      },
      {
        "model": "small business series managed switches",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3000"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.3.1"
      },
      {
        "model": "rrdi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.0.6"
      },
      {
        "model": "telepresence system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "10006.1"
      },
      {
        "model": "telepresence isdn gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "32410"
      },
      {
        "model": "telepresence mcu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "edge digital media player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3000"
      },
      {
        "model": "series smart plus switches",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2200"
      },
      {
        "model": "enterprise manager ops center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "12.2.2"
      },
      {
        "model": "smartcloud entry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3.2"
      },
      {
        "model": "smartcloud entry appliance fi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.4.0.4"
      },
      {
        "model": "nexus series switches",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1000v0"
      },
      {
        "model": "rational insight",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.1.6"
      },
      {
        "model": "project openssl",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openssl",
        "version": "1.0.1"
      },
      {
        "model": "virtual security gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.2.4.1102"
      },
      {
        "model": "rational insight",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.1.5"
      },
      {
        "model": "telepresence tx9000 series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "smartcloud entry appliance fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3.2.0.4"
      },
      {
        "model": "project openssl 1.0.1j",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "project openssl",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openssl",
        "version": "1.0.0x"
      },
      {
        "model": "series digital media players",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "43000"
      },
      {
        "model": "telepresence system series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "30006.1"
      },
      {
        "model": "universal small cell series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "70003.4.2.0"
      },
      {
        "model": "unity connection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "security network protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.1.4"
      },
      {
        "model": "one portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "security manager",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.13"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.12"
      },
      {
        "model": "ucs b-series blade servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2"
      },
      {
        "model": "unified attendant console standard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "ucs standalone c-series rack server integrated management cont",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "-0"
      },
      {
        "model": "security network protection",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.2.5"
      },
      {
        "model": "telepresence integrator c series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "project openssl 1.0.1d",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.32"
      },
      {
        "model": "enterprise content delivery system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.6.9"
      },
      {
        "model": "nexus series switches",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "60000"
      },
      {
        "model": "commerce experience manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.5.1"
      },
      {
        "model": "infinity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pexip",
        "version": "7"
      },
      {
        "model": "mds series multilayer switches 5.2.8",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9000"
      },
      {
        "model": "series digital media players 5.4.1 rb4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4300"
      },
      {
        "model": "ucs standalone c-series rack server integrated management cont",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "-3.0"
      },
      {
        "model": "ios and cisco ios xe software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "16.1"
      },
      {
        "model": "infinity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pexip",
        "version": "4"
      },
      {
        "model": "prime network",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence tx9000 series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.1"
      },
      {
        "model": "prime performance manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "smart net total care local collector appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "-0"
      },
      {
        "model": "prime collaboration provisioning",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "connected grid routers",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "15.8.9"
      },
      {
        "model": "network analysis module",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "commerce experience manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.5.2"
      },
      {
        "model": "nexus series fabric switches aci mode",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9000-0"
      },
      {
        "model": "prime performance manager sp1611",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.7"
      },
      {
        "model": "worklight consumer edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.1.0.1"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.12"
      },
      {
        "model": "lancope stealthwatch flowcollector netflow",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.22"
      },
      {
        "model": "unified ip phone 9.3 sr3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6901"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.23"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.16"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.7.10"
      },
      {
        "model": "telepresence server and mse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "701087100"
      },
      {
        "model": "infinity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pexip",
        "version": "12.2"
      },
      {
        "model": "mds series multilayer switches",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "90006.2.19"
      },
      {
        "model": "aironet series access points",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "270015.5(3)"
      },
      {
        "model": "telepresence system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "500-32"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.30"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.4"
      },
      {
        "model": "telepresence server on virtual machine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.3.0.1098"
      },
      {
        "model": "webex meetings for android",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "nexus series switches 5.2.8",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5000"
      },
      {
        "model": "digital media manager 5.4.1 rb4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified workforce optimization quality management solution",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "-0"
      },
      {
        "model": "telepresence integrator c series tc7.3.7",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "tivoli provisioning manager for os deployment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1.3"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.13"
      },
      {
        "model": "spa122 analog telephone adapter with router",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.4.2"
      },
      {
        "model": "cloud object storage",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "sterling connect:express for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.4"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.7.5"
      },
      {
        "model": "rrdi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.0.1"
      },
      {
        "model": "project openssl 1.0.0h",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openssl",
        "version": "0"
      },
      {
        "model": "worklight enterprise edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.1.0.2"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.14"
      },
      {
        "model": "ios xr software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.3"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.7.4"
      },
      {
        "model": "project openssl",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "openssl",
        "version": "1.1"
      },
      {
        "model": "unified intelligent contact management enterprise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "security network protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.2.4"
      },
      {
        "model": "application and content networking system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "project openssl 1.0.1k",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "anyconnect secure mobility client for ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "business intelligence enterprise edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "11.1.1.7.0"
      },
      {
        "model": "ace application control engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "47100"
      },
      {
        "model": "oss support tools",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "8.15.17.3.14"
      },
      {
        "model": "anyconnect secure mobility client for mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "x0"
      },
      {
        "model": "business intelligence enterprise edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "12.2.1.2.0"
      },
      {
        "model": "commerce guided search",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.4.1.2"
      },
      {
        "model": "tivoli provisioning manager for images build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.1.20290.1"
      },
      {
        "model": "project openssl 1.0.0k",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "security network protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.1.2"
      },
      {
        "model": "prime infrastructure plug and play standalone gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "virtual security gateway",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.1.6"
      },
      {
        "model": "nexus series switches",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "50006.2.19"
      },
      {
        "model": "telepresence conductor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.7.3"
      },
      {
        "model": "application policy infrastructure controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "jabber for mac",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "infinity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pexip",
        "version": "8.1"
      },
      {
        "model": "jabber for iphone and ipad",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.8"
      },
      {
        "model": "prime network registrar",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.0"
      },
      {
        "model": "security network protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.3"
      },
      {
        "model": "cognos metrics manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "10.2.2"
      },
      {
        "model": "infinity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pexip",
        "version": "12.1"
      },
      {
        "model": "i",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1"
      },
      {
        "model": "worklight enterprise edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.1.0.1"
      },
      {
        "model": "telepresence video communication server",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "x8.8.3"
      },
      {
        "model": "connected analytics for collaboration",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.16"
      },
      {
        "model": "series digital media players 5.4.1 rb4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4400"
      },
      {
        "model": "sterling connect:express for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.5.0"
      },
      {
        "model": "multicast manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "aironet series access points",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "270016.3"
      },
      {
        "model": "sterling b2b integrator",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2"
      },
      {
        "model": "cognos business intelligence server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "10.2"
      },
      {
        "model": "anyconnect secure mobility client for ios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0.7"
      },
      {
        "model": "infinity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pexip",
        "version": "5"
      },
      {
        "model": "secure access control system",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.8.0.32.8"
      },
      {
        "model": "webex node for mcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence mcu",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.5(1.89)"
      },
      {
        "model": "management appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "anyconnect secure mobility client for windows",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0.7"
      },
      {
        "model": "videoscape anyres live",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "video surveillance ptz ip cameras",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "video distribution suite for internet streaming",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.003(002)"
      },
      {
        "model": "project openssl 0.9.8s",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.31"
      },
      {
        "model": "telepresence serial gateway series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence server on multiparty media",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8204.4"
      },
      {
        "model": "i",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.2"
      },
      {
        "model": "project openssl 1.0.2c",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.7.13"
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.400"
      },
      {
        "model": "unified ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "89610"
      },
      {
        "model": "expressway series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "x8.8.3"
      },
      {
        "model": "commerce guided search",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.3"
      },
      {
        "model": "prime network",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "431"
      },
      {
        "model": "aix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1"
      },
      {
        "model": "telepresence system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "500-320"
      },
      {
        "model": "unified attendant console enterprise edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified contact center express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "small business spa500 series ip phones",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "vm virtualbox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.0.26"
      },
      {
        "model": "tivoli provisioning manager for os deployment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.1"
      },
      {
        "model": "network analysis module 6.2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "telepresence system ex series ce8.2.2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "prime data center network manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "mxe series media experience engines",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "35000"
      },
      {
        "model": "project openssl 1.0.2b",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "universal small cell cloudbase factory recovery root filesystem",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.17.3"
      },
      {
        "model": "videoscape control suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "unified communications manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "tandberg codian mse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "83200"
      },
      {
        "model": "ip series phones vpn feature",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8800-0"
      },
      {
        "model": "mobilefirst platform foundation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.0.0.0"
      },
      {
        "model": "security network protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.1.9"
      },
      {
        "model": "security network protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.1.3"
      },
      {
        "model": "emergency responder",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "smartcloud entry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.27"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.17"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.18"
      },
      {
        "model": "enterprise manager base platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "13.2.0.0"
      },
      {
        "model": "unified meetingplace 8.6mr1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "email gateway",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.406-3402.103"
      },
      {
        "model": "telepresence mx series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "tapi service provider",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "video surveillance series ip cameras",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "70002.9"
      },
      {
        "model": "telepresence system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "500-370"
      },
      {
        "model": "spa525g 5-line ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence profile series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "secure access control system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.6.22"
      },
      {
        "model": "unified ip conference phone for third-party call control 9.3 sr3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8831"
      },
      {
        "model": "unified ip series phones",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "79000"
      },
      {
        "model": "spa232d multi-line dect analog telephone adapter",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.4.2"
      },
      {
        "model": "nexus series fabric switches aci mode",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9000-0"
      },
      {
        "model": "visual quality experience tools server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "virtualization experience media edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "enterprise manager ops center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "12.3.2"
      },
      {
        "model": "emergency responder",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "email gateway 7.6.405h1157986",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "project openssl 1.0.1l",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "registered envelope service",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "universal small cell series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "70003.5.12.23"
      },
      {
        "model": "firesight system software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "smartcloud entry appliance fi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.3.0.4"
      },
      {
        "model": "webex meetings client hosted t32",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "mysql",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5.7.15"
      },
      {
        "model": "unified meetingplace",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "security virtual server protection for vmware",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.1"
      },
      {
        "model": "unified contact center express",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.6"
      },
      {
        "model": "infinity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pexip",
        "version": "6"
      },
      {
        "model": "tivoli provisioning manager for images system edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "x7.1.1.0"
      },
      {
        "model": "webex meetings server",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.6.1.30"
      },
      {
        "model": "project openssl 1.0.1h",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "email gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.6.402"
      },
      {
        "model": "project openssl 1.0.1p",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "92987"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004778"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-2179"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-103"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-2179"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-103"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2016-2179",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-2179",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-2179",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-2179",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201609-103",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2016-2179",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2016-2179"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004778"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-2179"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-103"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c. OpenSSL is prone to multiple denial-of-service vulnerabilities. \nAn attacker can exploit these issues to cause a denial-of-service condition. \nVersions prior to OpenSSL 1.1.0 are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: openssl security update\nAdvisory ID:       RHSA-2016:1940-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2016-1940.html\nIssue date:        2016-09-27\nCVE Names:         CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 \n                   CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 \n                   CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 \n=====================================================================\n\n1. Summary:\n\nAn update for openssl is now available for Red Hat Enterprise Linux 6 and\nRed Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. A remote attacker\ncould cause a TLS server using OpenSSL to consume an excessive amount of\nmemory and, possibly, exit unexpectedly after exhausting all available\nmemory, if it enabled OCSP stapling support. \n(CVE-2016-2178)\n\n* It was discovered that the Datagram TLS (DTLS) implementation could fail\nto release memory in certain cases. A malicious DTLS client could cause a\nDTLS server using OpenSSL to consume an excessive amount of memory and,\npossibly, exit unexpectedly after exhausting all available memory. A remote attacker could possibly use this flaw\nto make a DTLS server using OpenSSL to reject further packets sent from a\nDTLS client over an established DTLS connection. (CVE-2016-2181)\n\n* An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec()\nfunction. (CVE-2016-2182)\n\n* A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL\nprotocol. A man-in-the-middle attacker could use this flaw to recover some\nplaintext data by capturing large amounts of encrypted traffic between\nTLS/SSL server and client if the communication used a DES/3DES based\nciphersuite. (CVE-2016-2183)\n\nThis update mitigates the CVE-2016-2183 issue by lowering priority of DES\ncipher suites so they are not preferred over cipher suites using AES. For\ncompatibility reasons, DES cipher suites remain enabled by default and\nincluded in the set of cipher suites identified by the HIGH cipher string. \nFuture updates may move them to MEDIUM or not enable them by default. \n\n* An integer underflow flaw leading to a buffer over-read was found in the\nway OpenSSL parsed TLS session tickets. (CVE-2016-6302)\n\n* Multiple integer overflow flaws were found in the way OpenSSL performed\npointer arithmetic. A remote attacker could possibly use these flaws to\ncause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)\n\n* An out of bounds read flaw was found in the way OpenSSL formatted Public\nKey Infrastructure Time-Stamp Protocol data for printing. An attacker could\npossibly cause an application using OpenSSL to crash if it printed time\nstamp data from the attacker. A remote attacker could\npossibly use these flaws to crash a TLS/SSL server or client using OpenSSL. \n(CVE-2016-6306)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304\nand CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase\n1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation\n1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio()\n1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()\n1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection\n1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)\n1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer\n1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks\n1377594 - CVE-2016-6306 openssl: certificate message OOB reads\n1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-static-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nppc64:\nopenssl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-2177\nhttps://access.redhat.com/security/cve/CVE-2016-2178\nhttps://access.redhat.com/security/cve/CVE-2016-2179\nhttps://access.redhat.com/security/cve/CVE-2016-2180\nhttps://access.redhat.com/security/cve/CVE-2016-2181\nhttps://access.redhat.com/security/cve/CVE-2016-2182\nhttps://access.redhat.com/security/cve/CVE-2016-6302\nhttps://access.redhat.com/security/cve/CVE-2016-6304\nhttps://access.redhat.com/security/cve/CVE-2016-6306\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://www.openssl.org/news/secadv/20160922.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI\nxpTW7ApBLmKhVjs49DGYouI=\n=4VgY\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Additional information can be found at\n    https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/    \n\nCVE-2016-2178\n\n    Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing\n    leak in the DSA code. \n\nCVE-2016-2179 / CVE-2016-2181\n\n    Quan Luo and the OCAP audit team discovered denial of service\n    vulnerabilities in DTLS. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.0.1t-1+deb8u4. \n\nFor the unstable distribution (sid), these problems will be fixed soon. ==========================================================================\nUbuntu Security Notice USN-3087-2\nSeptember 23, 2016\n\nopenssl regression\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nUSN-3087-1 introduced a regression in OpenSSL. The fix for CVE-2016-2182 was\nincomplete and caused a regression when parsing certificates. This update\nfixes the problem. \n\nWe apologize for the inconvenience. This\n issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178)\n  Quan Luo discovered that OpenSSL did not properly restrict the lifetime\n of queue entries in the DTLS implementation. (CVE-2016-2181)\n  Shi Lei discovered that OpenSSL incorrectly validated division results. \n (CVE-2016-2182)\n  Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES\n ciphers were vulnerable to birthday attacks. \n (CVE-2016-2183)\n  Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303)\n  Shi Lei discovered that OpenSSL incorrectly performed certain message\n length checks. (CVE-2016-6306)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n  libssl1.0.0                     1.0.2g-1ubuntu4.5\n\nUbuntu 14.04 LTS:\n  libssl1.0.0                     1.0.1f-1ubuntu2.21\n\nUbuntu 12.04 LTS:\n  libssl1.0.0                     1.0.1-4ubuntu5.38\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \nOpenSSL Security Advisory [22 Sep 2016]\n========================================\n\nOCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n=====================================================================\n\nSeverity: High\n\nA malicious client can send an excessively large OCSP Status Request extension. \nIf that client continually requests renegotiation, sending a large OCSP Status\nRequest extension each time, then there will be unbounded memory growth on the\nserver. This will eventually lead to a Denial Of Service attack through memory\nexhaustion. Servers with a default configuration are vulnerable even if they do\nnot support OCSP. Builds using the \"no-ocsp\" build time option are not affected. \n\nServers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default\nconfiguration, instead only if an application explicitly enables OCSP stapling\nsupport. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nSSL_peek() hang on empty record (CVE-2016-6305)\n===============================================\n\nSeverity: Moderate\n\nOpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an\nempty record. This could be exploited by a malicious peer in a Denial Of Service\nattack. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nSWEET32 Mitigation (CVE-2016-2183)\n==================================\n\nSeverity: Low\n\nSWEET32 (https://sweet32.info) is an attack on older block cipher algorithms\nthat use a block size of 64 bits. In mitigation for the SWEET32 attack DES based\nciphersuites have been moved from the HIGH cipherstring group to MEDIUM in\nOpenSSL 1.0.1 and OpenSSL 1.0.2.  OpenSSL 1.1.0 since release has had these\nciphersuites disabled by default. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 16th August 2016 by Karthikeyan\nBhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the\nOpenSSL development team. \n\nOOB write in MDC2_Update() (CVE-2016-6303)\n==========================================\n\nSeverity: Low\n\nAn overflow can occur in MDC2_Update() either if called directly or\nthrough the EVP_DigestUpdate() function using MDC2. If an attacker\nis able to supply very large amounts of input data after a previous\ncall to EVP_EncryptUpdate() with a partial block then a length check\ncan overflow resulting in a heap corruption. \n\nThe amount of data needed is comparable to SIZE_MAX which is impractical\non most platforms. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nMalformed SHA512 ticket DoS (CVE-2016-6302)\n===========================================\n\nSeverity: Low\n\nIf a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a\nDoS attack where a malformed ticket will result in an OOB read which will\nultimately crash. \n\nThe use of SHA512 in TLS session tickets is comparatively rare as it requires\na custom server callback and ticket lookup mechanism. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB write in BN_bn2dec() (CVE-2016-2182)\n========================================\n\nSeverity: Low\n\nThe function BN_bn2dec() does not check the return value of BN_div_word(). \nThis can cause an OOB write if an application uses this function with an\noverly large BIGNUM. This could be a problem if an overly large certificate\nor CRL is printed out from an untrusted source. TLS is not affected because\nrecord limits will reject an oversized certificate before it is parsed. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB read in TS_OBJ_print_bio() (CVE-2016-2180)\n==============================================\n\nSeverity: Low\n\nThe function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is\nthe total length the OID text representation would use and not the amount\nof data written. This will result in OOB reads when large OIDs are presented. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nPointer arithmetic undefined behaviour (CVE-2016-2177)\n======================================================\n\nSeverity: Low\n\nAvoid some undefined pointer arithmetic\n\nA common idiom in the codebase is to check limits in the following manner:\n\"p + len \u003e limit\"\n\nWhere \"p\" points to some malloc\u0027d data of SIZE bytes and\nlimit == p + SIZE\n\n\"len\" here could be from some externally supplied data (e.g. from a TLS\nmessage). \n\nThe rules of C pointer arithmetic are such that \"p + len\" is only well\ndefined where len \u003c= SIZE. Therefore the above idiom is actually\nundefined behaviour. \n\nFor example this could cause problems if some malloc implementation\nprovides an address for \"p\" such that \"p + len\" actually overflows for\nvalues of len that are too big and therefore p + len \u003c limit. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nConstant time flag not preserved in DSA signing (CVE-2016-2178)\n===============================================================\n\nSeverity: Low\n\nOperations in the DSA signing algorithm should run in constant time in order to\navoid side channel attacks. A flaw in the OpenSSL DSA implementation means that\na non-constant time codepath is followed for certain operations. This has been\ndemonstrated through a cache-timing attack to be sufficient for an attacker to\nrecover the private DSA key. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 23rd May 2016 by C\u00e9sar Pereida (Aalto\nUniversity), Billy Brumley (Tampere University of Technology), and Yuval Yarom\n(The University of Adelaide and NICTA). The fix was developed by C\u00e9sar Pereida. \n\nDTLS buffered message DoS (CVE-2016-2179)\n=========================================\n\nSeverity: Low\n\nIn a DTLS connection where handshake messages are delivered out-of-order those\nmessages that OpenSSL is not yet ready to process will be buffered for later\nuse. Under certain circumstances, a flaw in the logic means that those messages\ndo not get removed from the buffer even though the handshake has been completed. \nAn attacker could force up to approx. 15 messages to remain in the buffer when\nthey are no longer required. These messages will be cleared when the DTLS\nconnection is closed. The default maximum size for a message is 100k. Therefore\nthe attacker could force an additional 1500k to be consumed per connection. By\nopening many simulataneous connections an attacker could cause a DoS attack\nthrough memory exhaustion. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was\ndeveloped by Matt Caswell of the OpenSSL development team. \n\nDTLS replay protection DoS (CVE-2016-2181)\n==========================================\n\nSeverity: Low\n\nA flaw in the DTLS replay attack protection mechanism means that records that\narrive for future epochs update the replay protection \"window\" before the MAC\nfor the record has been validated. This could be exploited by an attacker by\nsending a record for the next epoch (which does not have to decrypt or have a\nvalid MAC), with a very large sequence number. This means that all subsequent\nlegitimate packets are dropped causing a denial of service for a specific\nDTLS connection. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. \nThe fix was developed by Matt Caswell of the OpenSSL development team. \n\nCertificate message OOB reads (CVE-2016-6306)\n=============================================\n\nSeverity: Low\n\nIn OpenSSL 1.0.2 and earlier some missing message length checks can result in\nOOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical\nDoS risk but this has not been observed in practice on common platforms. \n\nThe messages affected are client certificate, client certificate request and\nserver certificate. As a result the attack can only be performed against\na client or a server which enables client authentication. \n\nOpenSSL 1.1.0 is not affected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in tls_get_message_header() (CVE-2016-6307)\n==========================================================================\n\nSeverity: Low\n\nA TLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect DTLS users. \n\nOpenSSL 1.1.0 TLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)\n=============================================================================\n\nSeverity: Low\n\nThis issue is very similar to CVE-2016-6307. The underlying defect is different\nbut the security analysis and impacts are the same except that it impacts DTLS. \n\nA DTLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect TLS users. \n\nOpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL\nversion 1.0.1 will cease on 31st December 2016. No security updates for that\nversion will be provided after that date. Users of 1.0.1 are advised to\nupgrade. \n\nSupport for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those\nversions are no longer receiving security updates. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20160922.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-2179"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004778"
      },
      {
        "db": "BID",
        "id": "92987"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-2179"
      },
      {
        "db": "PACKETSTORM",
        "id": "138870"
      },
      {
        "db": "PACKETSTORM",
        "id": "138817"
      },
      {
        "db": "PACKETSTORM",
        "id": "138820"
      },
      {
        "db": "PACKETSTORM",
        "id": "138826"
      },
      {
        "db": "PACKETSTORM",
        "id": "169633"
      }
    ],
    "trust": 2.43
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-2179",
        "trust": 3.3
      },
      {
        "db": "BID",
        "id": "92987",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1036689",
        "trust": 1.7
      },
      {
        "db": "SIEMENS",
        "id": "SSA-412672",
        "trust": 1.7
      },
      {
        "db": "TENABLE",
        "id": "TNS-2016-21",
        "trust": 1.7
      },
      {
        "db": "TENABLE",
        "id": "TNS-2016-20",
        "trust": 1.7
      },
      {
        "db": "TENABLE",
        "id": "TNS-2016-16",
        "trust": 1.7
      },
      {
        "db": "JUNIPER",
        "id": "JSA10759",
        "trust": 1.7
      },
      {
        "db": "PULSESECURE",
        "id": "SA40312",
        "trust": 1.7
      },
      {
        "db": "JVN",
        "id": "JVNVU98667810",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004778",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.0696",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-103",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-349-21",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-2179",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "138870",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "138817",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "138820",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "138826",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "169633",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2016-2179"
      },
      {
        "db": "BID",
        "id": "92987"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004778"
      },
      {
        "db": "PACKETSTORM",
        "id": "138870"
      },
      {
        "db": "PACKETSTORM",
        "id": "138817"
      },
      {
        "db": "PACKETSTORM",
        "id": "138820"
      },
      {
        "db": "PACKETSTORM",
        "id": "138826"
      },
      {
        "db": "PACKETSTORM",
        "id": "169633"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-2179"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-103"
      }
    ]
  },
  "id": "VAR-201609-0031",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.41024942
  },
  "last_update_date": "2023-12-25T20:37:50.294000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20160927-openssl",
        "trust": 0.8,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
      },
      {
        "title": "1995039",
        "trust": 0.8,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
      },
      {
        "title": "NV17-001",
        "trust": 0.8,
        "url": "http://jpn.nec.com/security-info/secinfo/nv17-001.html"
      },
      {
        "title": "OpenSSL 1.0.2 Series Release Notes",
        "trust": 0.8,
        "url": "https://www.openssl.org/news/openssl-1.0.2-notes.html"
      },
      {
        "title": "OpenSSL 1.0.1 Series Release Notes",
        "trust": 0.8,
        "url": "https://www.openssl.org/news/openssl-1.0.1-notes.html"
      },
      {
        "title": "Fix DTLS buffered message DoS attack",
        "trust": 0.8,
        "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=f5c7f5dfbaf0d2f7d946d0fe86f08e6bcb36ed0d"
      },
      {
        "title": "Oracle Critical Patch Update Advisory - October 2016",
        "trust": 0.8,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
      },
      {
        "title": "Oracle Linux Bulletin - October 2016",
        "trust": 0.8,
        "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
      },
      {
        "title": "Oracle VM Server for x86 Bulletin - October 2016",
        "trust": 0.8,
        "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
      },
      {
        "title": "SA40312",
        "trust": 0.8,
        "url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
      },
      {
        "title": "SA132",
        "trust": 0.8,
        "url": "https://bto.bluecoat.com/security-advisory/sa132"
      },
      {
        "title": "JSA10759",
        "trust": 0.8,
        "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
      },
      {
        "title": "Splunk Enterprise 6.4.5 addresses multiple vulnerabilities",
        "trust": 0.8,
        "url": "http://www.splunk.com/view/sp-caaapue"
      },
      {
        "title": "Splunk Enterprise 6.5.1 addresses multiple OpenSSL vulnerabilities",
        "trust": 0.8,
        "url": "http://www.splunk.com/view/sp-caaapsv"
      },
      {
        "title": "TNS-2016-16",
        "trust": 0.8,
        "url": "https://www.tenable.com/security/tns-2016-16"
      },
      {
        "title": "OpenSSL Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=63926"
      },
      {
        "title": "Red Hat: Important: openssl security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20161940 - security advisory"
      },
      {
        "title": "Arch Linux Issues: ",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2016-2179"
      },
      {
        "title": "Red Hat: CVE-2016-2179",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-2179"
      },
      {
        "title": "Ubuntu Security Notice: openssl vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3087-1"
      },
      {
        "title": "Ubuntu Security Notice: openssl regression",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3087-2"
      },
      {
        "title": "Amazon Linux AMI: ALAS-2016-755",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2016-755"
      },
      {
        "title": "Arch Linux Advisories: [ASA-201609-23] openssl: multiple issues",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201609-23"
      },
      {
        "title": "Arch Linux Advisories: [ASA-201609-24] lib32-openssl: multiple issues",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201609-24"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - January 2017",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300"
      },
      {
        "title": "Tenable Security Advisories: [R7] Nessus 6.9 Fixes Multiple Vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-16"
      },
      {
        "title": "Symantec Security Advisories: SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1e6dcaf5dac6ef96a7d917a8c1393040"
      },
      {
        "title": "Cisco: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160927-openssl"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
      },
      {
        "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2016",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=ac5af5dd99788925425f5747ec672707"
      },
      {
        "title": "Tenable Security Advisories: [R3] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-20"
      },
      {
        "title": "Tenable Security Advisories: [R2] LCE 4.8.2 Fixes Multiple Third-party Library Vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-21"
      },
      {
        "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2018",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=586e6062440cdd312211d748e028164e"
      },
      {
        "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2016",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6839c4d3fd328571c675c335d58b5591"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
      },
      {
        "title": "Forcepoint Security Advisories: CVE-2016-2180 to -2183, -6302 to -6309, -2179, -7052 OpenSSL Vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=a9dd8a175d084c7432b7ad47715ac50c"
      },
      {
        "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2017",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a31bff03e9909229fd67996884614fdf"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
      },
      {
        "title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2016",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=21c0efa2643d707e2f50a501209eb75c"
      },
      {
        "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2016",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=13f3551b67d913fba90df4b2c0dae0bf"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
      },
      {
        "title": "CVE Scanning of Alpine base images using Multi Stage builds in Docker 17.05\nSummary",
        "trust": 0.1,
        "url": "https://github.com/tomwillfixit/alpine-cvecheck "
      },
      {
        "title": "OpenSSL-CVE-lib",
        "trust": 0.1,
        "url": "https://github.com/chnzzh/openssl-cve-lib "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2016-2179"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004778"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-103"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-399",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004778"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-2179"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
      },
      {
        "trust": 2.0,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
      },
      {
        "trust": 1.8,
        "url": "http://rhn.redhat.com/errata/rhsa-2016-1940.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/92987"
      },
      {
        "trust": 1.7,
        "url": "http://www.splunk.com/view/sp-caaapue"
      },
      {
        "trust": 1.7,
        "url": "http://www.splunk.com/view/sp-caaapsv"
      },
      {
        "trust": 1.7,
        "url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
      },
      {
        "trust": 1.7,
        "url": "https://bto.bluecoat.com/security-advisory/sa132"
      },
      {
        "trust": 1.7,
        "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
      },
      {
        "trust": 1.7,
        "url": "https://www.tenable.com/security/tns-2016-16"
      },
      {
        "trust": 1.7,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id/1036689"
      },
      {
        "trust": 1.7,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
      },
      {
        "trust": 1.7,
        "url": "https://www.tenable.com/security/tns-2016-21"
      },
      {
        "trust": 1.7,
        "url": "https://www.tenable.com/security/tns-2016-20"
      },
      {
        "trust": 1.7,
        "url": "https://security.freebsd.org/advisories/freebsd-sa-16:26.openssl.asc"
      },
      {
        "trust": 1.7,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
      },
      {
        "trust": 1.7,
        "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03856en_us"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
      },
      {
        "trust": 1.1,
        "url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=f5c7f5dfbaf0d2f7d946d0fe86f08e6bcb36ed0d"
      },
      {
        "trust": 0.9,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
      },
      {
        "trust": 0.9,
        "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=f5c7f5dfbaf0d2f7d946d0fe86f08e6bcb36ed0d"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2179"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu98667810/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2179"
      },
      {
        "trust": 0.8,
        "url": "http://www.bizmobile.co.jp/news_02.php?id=4069\u0026nc=1"
      },
      {
        "trust": 0.6,
        "url": "https://www.openssl.org/news/vulnerabilities.html#y2017"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2182"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6302"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2179"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2181"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6303"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183"
      },
      {
        "trust": 0.3,
        "url": "http://www.openssl.org"
      },
      {
        "trust": 0.3,
        "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory21.asc"
      },
      {
        "trust": 0.3,
        "url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-worklight-and-ibm-mobilefirst-platform-foundation-2/"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024394"
      },
      {
        "trust": 0.3,
        "url": "http://www.ibm.com/support/docview.wss?uid=isg3t1024401"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024648"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021643"
      },
      {
        "trust": 0.3,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
      },
      {
        "trust": 0.3,
        "url": "https://kc.mcafee.com/resources/sites/mcafee/content/live/product_documentation/27000/pd27128/en_us/meg_7_6_406_3402_103_release_notes_en_us.pdf"
      },
      {
        "trust": 0.3,
        "url": "https://www.pexip.com/sites/pexip/files/pexip_security_bulletin_2016-10-07.pdf"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991724"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992348"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992898"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993061"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993856"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993875"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995392"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995393"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995691"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995886"
      },
      {
        "trust": 0.2,
        "url": "https://www.openssl.org/news/secadv/20160922.txt"
      },
      {
        "trust": 0.2,
        "url": "http://www.ubuntu.com/usn/usn-3087-1"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/399.html"
      },
      {
        "trust": 0.1,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=48598"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/3087-1/"
      },
      {
        "trust": 0.1,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2016-2180"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/articles/11258"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2016-6306"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2016-2177"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/team/contact/"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2016-2181"
      },
      {
        "trust": 0.1,
        "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2016-6304"
      },
      {
        "trust": 0.1,
        "url": "https://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2016-2179"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2016-2182"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2016-6302"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2016-2178"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/team/key/"
      },
      {
        "trust": 0.1,
        "url": "https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/faq"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.37"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.20"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.4"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.21"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.38"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.5"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/bugs/1626883"
      },
      {
        "trust": 0.1,
        "url": "http://www.ubuntu.com/usn/usn-3087-2"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6308"
      },
      {
        "trust": 0.1,
        "url": "https://www.openssl.org/policies/secpolicy.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305"
      },
      {
        "trust": 0.1,
        "url": "https://sweet32.info)"
      },
      {
        "trust": 0.1,
        "url": "https://www.openssl.org/policies/releasestrat.html),"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6307"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2016-2179"
      },
      {
        "db": "BID",
        "id": "92987"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004778"
      },
      {
        "db": "PACKETSTORM",
        "id": "138870"
      },
      {
        "db": "PACKETSTORM",
        "id": "138817"
      },
      {
        "db": "PACKETSTORM",
        "id": "138820"
      },
      {
        "db": "PACKETSTORM",
        "id": "138826"
      },
      {
        "db": "PACKETSTORM",
        "id": "169633"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-2179"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-103"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2016-2179"
      },
      {
        "db": "BID",
        "id": "92987"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004778"
      },
      {
        "db": "PACKETSTORM",
        "id": "138870"
      },
      {
        "db": "PACKETSTORM",
        "id": "138817"
      },
      {
        "db": "PACKETSTORM",
        "id": "138820"
      },
      {
        "db": "PACKETSTORM",
        "id": "138826"
      },
      {
        "db": "PACKETSTORM",
        "id": "169633"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-2179"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-103"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-09-16T00:00:00",
        "db": "VULMON",
        "id": "CVE-2016-2179"
      },
      {
        "date": "2016-06-30T00:00:00",
        "db": "BID",
        "id": "92987"
      },
      {
        "date": "2016-09-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-004778"
      },
      {
        "date": "2016-09-27T19:32:00",
        "db": "PACKETSTORM",
        "id": "138870"
      },
      {
        "date": "2016-09-22T22:22:00",
        "db": "PACKETSTORM",
        "id": "138817"
      },
      {
        "date": "2016-09-22T22:25:00",
        "db": "PACKETSTORM",
        "id": "138820"
      },
      {
        "date": "2016-09-23T19:19:00",
        "db": "PACKETSTORM",
        "id": "138826"
      },
      {
        "date": "2016-09-22T12:12:12",
        "db": "PACKETSTORM",
        "id": "169633"
      },
      {
        "date": "2016-09-16T05:59:00.143000",
        "db": "NVD",
        "id": "CVE-2016-2179"
      },
      {
        "date": "2016-08-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201609-103"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-11-07T00:00:00",
        "db": "VULMON",
        "id": "CVE-2016-2179"
      },
      {
        "date": "2018-01-18T12:00:00",
        "db": "BID",
        "id": "92987"
      },
      {
        "date": "2017-10-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-004778"
      },
      {
        "date": "2023-11-07T02:31:01.590000",
        "db": "NVD",
        "id": "CVE-2016-2179"
      },
      {
        "date": "2022-12-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201609-103"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "138870"
      },
      {
        "db": "PACKETSTORM",
        "id": "138820"
      },
      {
        "db": "PACKETSTORM",
        "id": "138826"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-103"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "OpenSSL of  DTLS Service disruption in implementations  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004778"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-103"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.