var-201906-1031
Vulnerability from variot

An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. Unlimited physical access to the PLC may lead to a manipulation of SD cards data. SD card manipulation may lead to an authentication bypass opportunity. Phoenix Contact AXC F 2152 and AXC F 2152 STARTERKIT The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Phoenix Contact PLCNext AXC F 2152 is a programmable logic controller from Phoenix Contact, Germany. An information-disclosure vulnerability. 2. An authentication-bypass vulnerability. 3. A denial-of-service vulnerability. Attackers can exploit these issues to bypass the authentication process, obtain sensitive information, perform unauthorized actions and crash the service, denying service to legitimate users

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201906-1031",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "axc f 2152 starterkit",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": "2019.0_lts"
      },
      {
        "model": "axc f 2152",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": "2019.0_lts"
      },
      {
        "model": "axc f 2152 starterkit",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "phoenix contact",
        "version": "2019.0 lts"
      },
      {
        "model": "axc f 2152",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "phoenix contact",
        "version": "2019.0 lts"
      },
      {
        "model": "contact plcnext axc f",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "phoenix",
        "version": "21521.*"
      },
      {
        "model": "contact axc f starterkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "phoenix",
        "version": "21521.x"
      },
      {
        "model": "contact axc f",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "phoenix",
        "version": "21521.x"
      },
      {
        "model": "contact axc f starterkit lts",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "phoenix",
        "version": "21522019.0"
      },
      {
        "model": "contact axc f lts",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "phoenix",
        "version": "21522019.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-02972"
      },
      {
        "db": "BID",
        "id": "108688"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005605"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10998"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:phoenixcontact:axc_f_2152_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2019.0_lts",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:phoenixcontact:axc_f_2152:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:phoenixcontact:axc_f_2152_starterkit_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2019.0_lts",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:phoenixcontact:axc_f_2152_starterkit:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10998"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Zahra Khani of Firmalyzer and  OPC Foundation.",
    "sources": [
      {
        "db": "BID",
        "id": "108688"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2019-10998",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 4.6,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2019-10998",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2020-02972",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 0.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Physical",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 6.8,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2019-10998",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2019-10998",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2020-02972",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201906-092",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-02972"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005605"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10998"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-092"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. Unlimited physical access to the PLC may lead to a manipulation of SD cards data. SD card manipulation may lead to an authentication bypass opportunity. Phoenix Contact AXC F 2152 and AXC F 2152 STARTERKIT The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Phoenix Contact PLCNext AXC F 2152 is a programmable logic controller from Phoenix Contact, Germany. An information-disclosure vulnerability. \n2. An authentication-bypass vulnerability. \n3. A denial-of-service vulnerability. \nAttackers can exploit these issues to  bypass  the authentication  process, obtain sensitive information, perform  unauthorized actions and  crash the service, denying service to legitimate users",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10998"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005605"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-02972"
      },
      {
        "db": "BID",
        "id": "108688"
      }
    ],
    "trust": 2.43
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-10998",
        "trust": 3.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-155-01",
        "trust": 2.3
      },
      {
        "db": "BID",
        "id": "108688",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005605",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-02972",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-092",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-02972"
      },
      {
        "db": "BID",
        "id": "108688"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005605"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10998"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-092"
      }
    ]
  },
  "id": "VAR-201906-1031",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-02972"
      }
    ],
    "trust": 1.6
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS",
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-02972"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:18:41.819000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "VDE-2019-009",
        "trust": 0.8,
        "url": "https://dam-mdc.phoenixcontact.com/asset/156443151564/fa7be4d04c301f18c6cc0e0872193a42/security_advisory_axc_f_2152_fw.pdf"
      },
      {
        "title": "Patch for Phoenix Contact PLCNext AXC F 2152 Authorization Issue Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/198329"
      },
      {
        "title": "Phoenix Contact PLCNext AXC F 2152 Fixes for access control error vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=93181"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-02972"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005605"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-092"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-287",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005605"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10998"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "https://dam-mdc.phoenixcontact.com/asset/156443151564/fa7be4d04c301f18c6cc0e0872193a42/security_advisory_axc_f_2152_fw.pdf"
      },
      {
        "trust": 1.5,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-155-01"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10998"
      },
      {
        "trust": 0.9,
        "url": "https://www.phoenixcontact.com/online/portal/pc/pxc/offcontext/insite_landing_page/!ut/p/z1/xzrrt4mwfiv_dy_kdtc19zhgsowfudkn0bdsogb1fobi0h8v00czwczevjrnzjn33jb9gemixiuzkksjki0o3tnijgbw2l0t8cxnlm-hlvus"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10998"
      },
      {
        "trust": 0.8,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-155-01"
      },
      {
        "trust": 0.6,
        "url": "https://www.securityfocus.com/bid/108688"
      },
      {
        "trust": 0.3,
        "url": "https://www.phoenixcontact.com/online/portal/pc"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-02972"
      },
      {
        "db": "BID",
        "id": "108688"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005605"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10998"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-092"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-02972"
      },
      {
        "db": "BID",
        "id": "108688"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005605"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10998"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-092"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-01-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-02972"
      },
      {
        "date": "2019-06-04T00:00:00",
        "db": "BID",
        "id": "108688"
      },
      {
        "date": "2019-06-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-005605"
      },
      {
        "date": "2019-06-18T13:15:10.707000",
        "db": "NVD",
        "id": "CVE-2019-10998"
      },
      {
        "date": "2019-06-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201906-092"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-01-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-02972"
      },
      {
        "date": "2019-06-04T00:00:00",
        "db": "BID",
        "id": "108688"
      },
      {
        "date": "2019-07-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-005605"
      },
      {
        "date": "2019-06-20T20:15:57.857000",
        "db": "NVD",
        "id": "CVE-2019-10998"
      },
      {
        "date": "2019-07-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201906-092"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote or local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-092"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Phoenix Contact AXC F 2152 and  AXC F 2152 STARTERKIT Authentication vulnerabilities in devices",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-005605"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-092"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.