var-201906-1033
Vulnerability from variot
A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). Communication with the device is not encrypted. Data transmitted between the device and the user can be obtained by an attacker in a privileged network position. The security vulnerability can be exploited by an attacker in a privileged network position which allows eavesdropping the communication between the affected device and the user. The user must invoke a session. Successful exploitation of the vulnerability compromises confidentiality of the data transmitted. SIMATIC Ident MV420 family and MV440 family Contains a cryptographic vulnerability.Information may be obtained. The Siemens SIMATIC Ident MV 420 and the Siemens SIMATIC Ident MV 440 are both a code reading system from Siemens AG, Germany. Siemens SIMATIC Ident MV420 and MV440 Families are prone to multiple security vulnerabilities. Attackers can leverage these issues to gain elevated privileges and obtain sensitive information. At the time of advisory publication no public exploitation of this security vulnerability was known
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201906-1033",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic mv420",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic mv440",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic ident mv420 family",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic ident mv440 family",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic ident mv440",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic ident mv420",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic ident mv440",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic ident mv420",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic mv420",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic mv440",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "3bede54c-ec00-4da4-8f33-8ac22c396ed9"
},
{
"db": "CNVD",
"id": "CNVD-2019-21107"
},
{
"db": "BID",
"id": "108725"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005574"
},
{
"db": "NVD",
"id": "CVE-2019-10926"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_mv420_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_mv420:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_mv440_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_mv440:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10926"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported these issues.,Siemens PSIRT reported these vulnerabilities to NCCIC.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-522"
}
],
"trust": 0.6
},
"cve": "CVE-2019-10926",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-10926",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CNVD-2019-21107",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "3bede54c-ec00-4da4-8f33-8ac22c396ed9",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "VHN-142521",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10926",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-10926",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2019-21107",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201906-522",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "3bede54c-ec00-4da4-8f33-8ac22c396ed9",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-142521",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "3bede54c-ec00-4da4-8f33-8ac22c396ed9"
},
{
"db": "CNVD",
"id": "CNVD-2019-21107"
},
{
"db": "VULHUB",
"id": "VHN-142521"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005574"
},
{
"db": "NVD",
"id": "CVE-2019-10926"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-522"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). Communication with the device is not encrypted. Data transmitted between the device and the user can be obtained by an attacker in a privileged network position. The security vulnerability can be exploited by an attacker in a privileged network position which allows eavesdropping the communication between the affected device and the user. The user must invoke a session. Successful exploitation of the vulnerability compromises confidentiality of the data transmitted. SIMATIC Ident MV420 family and MV440 family Contains a cryptographic vulnerability.Information may be obtained. The Siemens SIMATIC Ident MV 420 and the Siemens SIMATIC Ident MV 440 are both a code reading system from Siemens AG, Germany. Siemens SIMATIC Ident MV420 and MV440 Families are prone to multiple security vulnerabilities. \nAttackers can leverage these issues to gain elevated privileges and obtain sensitive information. At the time of advisory publication no public exploitation of this security vulnerability was known",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10926"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005574"
},
{
"db": "CNVD",
"id": "CNVD-2019-21107"
},
{
"db": "BID",
"id": "108725"
},
{
"db": "IVD",
"id": "3bede54c-ec00-4da4-8f33-8ac22c396ed9"
},
{
"db": "VULHUB",
"id": "VHN-142521"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10926",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-19-162-02",
"trust": 3.4
},
{
"db": "SIEMENS",
"id": "SSA-816980",
"trust": 2.0
},
{
"db": "BID",
"id": "108725",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-201906-522",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2019-21107",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005574",
"trust": 0.8
},
{
"db": "IVD",
"id": "3BEDE54C-EC00-4DA4-8F33-8AC22C396ED9",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-142521",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "3bede54c-ec00-4da4-8f33-8ac22c396ed9"
},
{
"db": "CNVD",
"id": "CNVD-2019-21107"
},
{
"db": "VULHUB",
"id": "VHN-142521"
},
{
"db": "BID",
"id": "108725"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005574"
},
{
"db": "NVD",
"id": "CVE-2019-10926"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-522"
}
]
},
"id": "VAR-201906-1033",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "3bede54c-ec00-4da4-8f33-8ac22c396ed9"
},
{
"db": "CNVD",
"id": "CNVD-2019-21107"
},
{
"db": "VULHUB",
"id": "VHN-142521"
}
],
"trust": 1.5666666999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "3bede54c-ec00-4da4-8f33-8ac22c396ed9"
},
{
"db": "CNVD",
"id": "CNVD-2019-21107"
}
]
},
"last_update_date": "2023-12-18T12:36:08.671000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-816980",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-005574"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-319",
"trust": 1.0
},
{
"problemtype": "CWE-310",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142521"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005574"
},
{
"db": "NVD",
"id": "CVE-2019-10926"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-19-162-02"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/108725"
},
{
"trust": 2.0,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
},
{
"trust": 0.9,
"url": "http://www.siemens.com/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10926"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10926"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-19-162-02"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/simatic-ident-information-disclosure-via-web-session-29519"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-21107"
},
{
"db": "VULHUB",
"id": "VHN-142521"
},
{
"db": "BID",
"id": "108725"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005574"
},
{
"db": "NVD",
"id": "CVE-2019-10926"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-522"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "3bede54c-ec00-4da4-8f33-8ac22c396ed9"
},
{
"db": "CNVD",
"id": "CNVD-2019-21107"
},
{
"db": "VULHUB",
"id": "VHN-142521"
},
{
"db": "BID",
"id": "108725"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005574"
},
{
"db": "NVD",
"id": "CVE-2019-10926"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-522"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-04T00:00:00",
"db": "IVD",
"id": "3bede54c-ec00-4da4-8f33-8ac22c396ed9"
},
{
"date": "2019-07-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-21107"
},
{
"date": "2019-06-12T00:00:00",
"db": "VULHUB",
"id": "VHN-142521"
},
{
"date": "2019-06-11T00:00:00",
"db": "BID",
"id": "108725"
},
{
"date": "2019-06-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-005574"
},
{
"date": "2019-06-12T14:29:04.510000",
"db": "NVD",
"id": "CVE-2019-10926"
},
{
"date": "2019-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-522"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-21107"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-142521"
},
{
"date": "2019-06-11T00:00:00",
"db": "BID",
"id": "108725"
},
{
"date": "2019-06-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-005574"
},
{
"date": "2021-03-15T18:15:15.503000",
"db": "NVD",
"id": "CVE-2019-10926"
},
{
"date": "2021-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-522"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-522"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SIMATIC Ident MV420 family and MV440 family Cryptographic vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-005574"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-522"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.