var-202012-0485
Vulnerability from variot
An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the address in the answer's length is sane. Therefore, when copying an address of an arbitrary length, a buffer overflow can occur. This bug can be exploited whenever NAT64 is enabled. Multiple open-source embedded TCP/IP stacks, commonly used in Internet of Things (IoT) and embedded devices, have several vulnerabilities stemming from improper memory management. These vulnerabilities are also tracked as ICS-VU-633937 and JVNVU#96491057 as well as the name AMNESIA:33.CVE-2020-13984 Not Affected CVE-2020-13985 Affected CVE-2020-13986 Affected CVE-2020-13987 Affected CVE-2020-13988 Affected CVE-2020-17437 Affected CVE-2020-17438 Affected CVE-2020-17439 Affected CVE-2020-17440 Affected CVE-2020-17441 Not Affected CVE-2020-17442 Not Affected CVE-2020-17443 Not Affected CVE-2020-17444 Not Affected CVE-2020-17445 Not Affected CVE-2020-17467 Not Affected CVE-2020-17468 Not Affected CVE-2020-17469 Not Affected CVE-2020-17470 Not Affected CVE-2020-24334 Affected CVE-2020-24335 Not Affected CVE-2020-24336 Affected CVE-2020-24337 Not Affected CVE-2020-24338 Not Affected CVE-2020-24339 Not Affected CVE-2020-24340 Not Affected CVE-2020-24341 Not Affected CVE-2020-24383 Not Affected CVE-2020-25107 Not Affected CVE-2020-25108 Not Affected CVE-2020-25109 Not Affected CVE-2020-25110 Not Affected CVE-2020-25111 Not Affected CVE-2020-25112 Not Affected CVE-2021-28362 Not AffectedCVE-2020-13984 Not Affected CVE-2020-13985 Affected CVE-2020-13986 Affected CVE-2020-13987 Affected CVE-2020-13988 Affected CVE-2020-17437 Affected CVE-2020-17438 Affected CVE-2020-17439 Affected CVE-2020-17440 Affected CVE-2020-17441 Not Affected CVE-2020-17442 Not Affected CVE-2020-17443 Not Affected CVE-2020-17444 Not Affected CVE-2020-17445 Not Affected CVE-2020-17467 Not Affected CVE-2020-17468 Not Affected CVE-2020-17469 Not Affected CVE-2020-17470 Not Affected CVE-2020-24334 Affected CVE-2020-24335 Not Affected CVE-2020-24336 Affected CVE-2020-24337 Not Affected CVE-2020-24338 Not Affected CVE-2020-24339 Not Affected CVE-2020-24340 Not Affected CVE-2020-24341 Not Affected CVE-2020-24383 Not Affected CVE-2020-25107 Not Affected CVE-2020-25108 Not Affected CVE-2020-25109 Not Affected CVE-2020-25110 Not Affected CVE-2020-25111 Not Affected CVE-2020-25112 Not Affected CVE-2021-28362 Not Affected. Contiki is an open source cross-platform operating system for IoT (Internet of Things) devices. Contiki-NG is an open source cross-platform operating system for next-generation IoT (Internet of Things) devices. Contiki-NG and Contiki have a buffer error vulnerability. The vulnerability stems from the fact that the function that parses the DNS record in the DNS response packet sent through NAT64 does not verify the length field of the response record, allowing an attacker to destroy the memory. An issue exists in Contiki up to and including 3.0 and Contiki-NG up to and including 4.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202012-0485",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "contiki",
"scope": "lte",
"trust": 1.0,
"vendor": "contiki os",
"version": "3.0"
},
{
"model": "contiki-ng",
"scope": "lte",
"trust": 1.0,
"vendor": "contiki ng",
"version": "4.5"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-24336"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:contiki-ng:contiki-ng:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:contiki-os:contiki:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-24336"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This document was written by Vijay Sarvepalli.Statement Date:\u00a0\u00a0 December 08, 2020",
"sources": [
{
"db": "CERT/CC",
"id": "VU#815128"
}
],
"trust": 0.8
},
"cve": "CVE-2020-24336",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-24336",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-24336",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-202012-644",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2020-24336",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-24336"
},
{
"db": "NVD",
"id": "CVE-2020-24336"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-644"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn\u0027t verify whether the address in the answer\u0027s length is sane. Therefore, when copying an address of an arbitrary length, a buffer overflow can occur. This bug can be exploited whenever NAT64 is enabled. Multiple open-source embedded TCP/IP stacks, commonly used in Internet of Things (IoT) and embedded devices, have several vulnerabilities stemming from improper memory management. These vulnerabilities are also tracked as ICS-VU-633937 and JVNVU#96491057 as well as the name AMNESIA:33.CVE-2020-13984 Not Affected\nCVE-2020-13985 Affected\nCVE-2020-13986 Affected\nCVE-2020-13987 Affected\nCVE-2020-13988 Affected\nCVE-2020-17437 Affected\nCVE-2020-17438 Affected\nCVE-2020-17439 Affected\nCVE-2020-17440 Affected\nCVE-2020-17441 Not Affected\nCVE-2020-17442 Not Affected\nCVE-2020-17443 Not Affected\nCVE-2020-17444 Not Affected\nCVE-2020-17445 Not Affected\nCVE-2020-17467 Not Affected\nCVE-2020-17468 Not Affected\nCVE-2020-17469 Not Affected\nCVE-2020-17470 Not Affected\nCVE-2020-24334 Affected\nCVE-2020-24335 Not Affected\nCVE-2020-24336 Affected\nCVE-2020-24337 Not Affected\nCVE-2020-24338 Not Affected\nCVE-2020-24339 Not Affected\nCVE-2020-24340 Not Affected\nCVE-2020-24341 Not Affected\nCVE-2020-24383 Not Affected\nCVE-2020-25107 Not Affected\nCVE-2020-25108 Not Affected\nCVE-2020-25109 Not Affected\nCVE-2020-25110 Not Affected\nCVE-2020-25111 Not Affected\nCVE-2020-25112 Not Affected\nCVE-2021-28362 Not AffectedCVE-2020-13984 Not Affected\nCVE-2020-13985 Affected\nCVE-2020-13986 Affected\nCVE-2020-13987 Affected\nCVE-2020-13988 Affected\nCVE-2020-17437 Affected\nCVE-2020-17438 Affected\nCVE-2020-17439 Affected\nCVE-2020-17440 Affected\nCVE-2020-17441 Not Affected\nCVE-2020-17442 Not Affected\nCVE-2020-17443 Not Affected\nCVE-2020-17444 Not Affected\nCVE-2020-17445 Not Affected\nCVE-2020-17467 Not Affected\nCVE-2020-17468 Not Affected\nCVE-2020-17469 Not Affected\nCVE-2020-17470 Not Affected\nCVE-2020-24334 Affected\nCVE-2020-24335 Not Affected\nCVE-2020-24336 Affected\nCVE-2020-24337 Not Affected\nCVE-2020-24338 Not Affected\nCVE-2020-24339 Not Affected\nCVE-2020-24340 Not Affected\nCVE-2020-24341 Not Affected\nCVE-2020-24383 Not Affected\nCVE-2020-25107 Not Affected\nCVE-2020-25108 Not Affected\nCVE-2020-25109 Not Affected\nCVE-2020-25110 Not Affected\nCVE-2020-25111 Not Affected\nCVE-2020-25112 Not Affected\nCVE-2021-28362 Not Affected. Contiki is an open source cross-platform operating system for IoT (Internet of Things) devices. Contiki-NG is an open source cross-platform operating system for next-generation IoT (Internet of Things) devices. \nContiki-NG and Contiki have a buffer error vulnerability. The vulnerability stems from the fact that the function that parses the DNS record in the DNS response packet sent through NAT64 does not verify the length field of the response record, allowing an attacker to destroy the memory. An issue exists in Contiki up to and including 3.0 and Contiki-NG up to and including 4.5",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-24336"
},
{
"db": "CERT/CC",
"id": "VU#815128"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-644"
},
{
"db": "VULMON",
"id": "CVE-2020-24336"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-24336",
"trust": 2.5
},
{
"db": "CERT/CC",
"id": "VU#815128",
"trust": 2.5
},
{
"db": "ICS CERT",
"id": "ICSA-20-343-01",
"trust": 1.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.4363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202012-644",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-24336",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#815128"
},
{
"db": "VULMON",
"id": "CVE-2020-24336"
},
{
"db": "NVD",
"id": "CVE-2020-24336"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-644"
}
]
},
"id": "VAR-202012-0485",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.48177084
},
"last_update_date": "2023-12-18T10:54:14.662000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Brocade Security Advisories: Access Denied\nAccess Denied",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories\u0026qid=54887b0d314c8021dc2d190abfce740d"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-24336"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-24336"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01"
},
{
"trust": 1.7,
"url": "https://www.kb.cert.org/vuls/id/815128"
},
{
"trust": 0.8,
"url": "cve-2020-13984 "
},
{
"trust": 0.8,
"url": "cve-2020-13985 "
},
{
"trust": 0.8,
"url": "cve-2020-13986 "
},
{
"trust": 0.8,
"url": "cve-2020-13987 "
},
{
"trust": 0.8,
"url": "cve-2020-13988 "
},
{
"trust": 0.8,
"url": "cve-2020-17437 "
},
{
"trust": 0.8,
"url": "cve-2020-17438 "
},
{
"trust": 0.8,
"url": "cve-2020-17439 "
},
{
"trust": 0.8,
"url": "cve-2020-17440 "
},
{
"trust": 0.8,
"url": "cve-2020-17441 "
},
{
"trust": 0.8,
"url": "cve-2020-17442 "
},
{
"trust": 0.8,
"url": "cve-2020-17443 "
},
{
"trust": 0.8,
"url": "cve-2020-17444 "
},
{
"trust": 0.8,
"url": "cve-2020-17445 "
},
{
"trust": 0.8,
"url": "cve-2020-17467 "
},
{
"trust": 0.8,
"url": "cve-2020-17468 "
},
{
"trust": 0.8,
"url": "cve-2020-17469 "
},
{
"trust": 0.8,
"url": "cve-2020-17470 "
},
{
"trust": 0.8,
"url": "cve-2020-24334 "
},
{
"trust": 0.8,
"url": "cve-2020-24335 "
},
{
"trust": 0.8,
"url": "cve-2020-24336 "
},
{
"trust": 0.8,
"url": "cve-2020-24337 "
},
{
"trust": 0.8,
"url": "cve-2020-24338 "
},
{
"trust": 0.8,
"url": "cve-2020-24339 "
},
{
"trust": 0.8,
"url": "cve-2020-24340 "
},
{
"trust": 0.8,
"url": "cve-2020-24341 "
},
{
"trust": 0.8,
"url": "cve-2020-24383 "
},
{
"trust": 0.8,
"url": "cve-2020-25107 "
},
{
"trust": 0.8,
"url": "cve-2020-25108 "
},
{
"trust": 0.8,
"url": "cve-2020-25109 "
},
{
"trust": 0.8,
"url": "cve-2020-25110 "
},
{
"trust": 0.8,
"url": "cve-2020-25111 "
},
{
"trust": 0.8,
"url": "cve-2020-25112 "
},
{
"trust": 0.8,
"url": "cve-2021-28362 "
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24336"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4363/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.broadcom.com/external/content/securityadvisories/0/21596"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#815128"
},
{
"db": "VULMON",
"id": "CVE-2020-24336"
},
{
"db": "NVD",
"id": "CVE-2020-24336"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-644"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#815128"
},
{
"db": "VULMON",
"id": "CVE-2020-24336"
},
{
"db": "NVD",
"id": "CVE-2020-24336"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-644"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-12-08T00:00:00",
"db": "CERT/CC",
"id": "VU#815128"
},
{
"date": "2020-12-11T00:00:00",
"db": "VULMON",
"id": "CVE-2020-24336"
},
{
"date": "2020-12-11T23:15:13.870000",
"db": "NVD",
"id": "CVE-2020-24336"
},
{
"date": "2020-12-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-644"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-11T00:00:00",
"db": "CERT/CC",
"id": "VU#815128"
},
{
"date": "2020-12-15T00:00:00",
"db": "VULMON",
"id": "CVE-2020-24336"
},
{
"date": "2020-12-15T14:47:24.727000",
"db": "NVD",
"id": "CVE-2020-24336"
},
{
"date": "2020-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-644"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-644"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Embedded TCP/IP stacks have memory corruption vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#815128"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-644"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.