var-201901-0363
Vulnerability from variot
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or email attachment and persuading the user to open the file with the affected software. Successful exploitation could allow the attacker to execute arbitrary code on the affected system. These issues are being tracked by Cisco Bug IDs CSCvm65148, CSCvm65207, CSCvm65741, CSCvm65747, CSCvm65794, CSCvm65798, CSCvm86137, CSCvm86143, CSCvm86148, CSCvm86157, CSCvm86160, and CSCvm86165. Cisco Webex Business Suite WBS32 sites and so on are the video conferencing solutions of Cisco (Cisco). The following products are affected: Cisco Webex Business Suite WBS32 sites; Webex Business Suite WBS33 sites; Webex Meetings Online; Webex Meetings Server
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201901-0363",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webex meetings server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0mr2"
},
{
"model": "webex meetings online",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "t33.3.5"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "t31"
},
{
"model": "webex meetings online",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.33"
},
{
"model": "webex meetings online",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "t33.5.1"
},
{
"model": "webex meetings online",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.39"
},
{
"model": "webex meetings online",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "t32.9"
},
{
"model": "webex meetings online",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings server",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "webex player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex network recording player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server 3.0mr2 patch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1"
},
{
"model": "webex meetings server 3.0mr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings server 3.0mr1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings server patch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.01"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "webex meetings server mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.8"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.8"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings online",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3.37"
},
{
"model": "webex meetings online",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3.35"
},
{
"model": "webex meetings online",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex business suite wbs33.4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex business suite wbs33",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex business suite wbs32.15.20",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex business suite wbs32",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings server mr2 sp2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "webex meetings server mr3 sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.8"
},
{
"model": "webex meetings online",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3.40"
},
{
"model": "webex business suite wbs33.7.0",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex business suite wbs33.6.1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex business suite wbs32.15.33",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "106704"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001448"
},
{
"db": "NVD",
"id": "CVE-2019-1637"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0mr2:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:t33.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:t33.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:t32.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:t31:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:1.3.39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:1.3.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-1637"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kushal Arvind Shah and Yonghui Han of Fortinet.,Zero Day Initiative,The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-851"
}
],
"trust": 0.6
},
"cve": "CVE-2019-1637",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2019-1637",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-148509",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-1637",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-1637",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2019-1637",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201901-851",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-148509",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148509"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001448"
},
{
"db": "NVD",
"id": "CVE-2019-1637"
},
{
"db": "NVD",
"id": "CVE-2019-1637"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-851"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or email attachment and persuading the user to open the file with the affected software. Successful exploitation could allow the attacker to execute arbitrary code on the affected system. \nThese issues are being tracked by Cisco Bug IDs CSCvm65148, CSCvm65207, CSCvm65741, CSCvm65747, CSCvm65794, CSCvm65798, CSCvm86137, CSCvm86143, CSCvm86148, CSCvm86157, CSCvm86160, and CSCvm86165. Cisco Webex Business Suite WBS32 sites and so on are the video conferencing solutions of Cisco (Cisco). The following products are affected: Cisco Webex Business Suite WBS32 sites; Webex Business Suite WBS33 sites; Webex Meetings Online; Webex Meetings Server",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-1637"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001448"
},
{
"db": "BID",
"id": "106704"
},
{
"db": "VULHUB",
"id": "VHN-148509"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-1637",
"trust": 2.8
},
{
"db": "BID",
"id": "106704",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001448",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201901-851",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-148509",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148509"
},
{
"db": "BID",
"id": "106704"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001448"
},
{
"db": "NVD",
"id": "CVE-2019-1637"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-851"
}
]
},
"id": "VAR-201901-0363",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-148509"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:28:33.874000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20190123-webex-rce",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190123-webex-rce"
},
{
"title": "Cisco Webex Network Recording Player and Webex Player for Windows Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=88932"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-001448"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-851"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148509"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001448"
},
{
"db": "NVD",
"id": "CVE-2019-1637"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/106704"
},
{
"trust": 2.0,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190123-webex-rce"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1637"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1637"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148509"
},
{
"db": "BID",
"id": "106704"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001448"
},
{
"db": "NVD",
"id": "CVE-2019-1637"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-851"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-148509"
},
{
"db": "BID",
"id": "106704"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001448"
},
{
"db": "NVD",
"id": "CVE-2019-1637"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-851"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-23T00:00:00",
"db": "VULHUB",
"id": "VHN-148509"
},
{
"date": "2019-01-23T00:00:00",
"db": "BID",
"id": "106704"
},
{
"date": "2019-03-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-001448"
},
{
"date": "2019-01-23T23:29:00.247000",
"db": "NVD",
"id": "CVE-2019-1637"
},
{
"date": "2019-01-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-851"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-148509"
},
{
"date": "2019-01-23T00:00:00",
"db": "BID",
"id": "106704"
},
{
"date": "2019-03-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-001448"
},
{
"date": "2019-10-09T23:47:34.503000",
"db": "NVD",
"id": "CVE-2019-1637"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-851"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-851"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Webex Network Recording Player and Cisco Webex Player Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-001448"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-851"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.