var-202106-0633
Vulnerability from variot

A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to intercept traffic between an affected device and the AMP servers. This vulnerability is due to improper certificate validation when an affected device establishes TLS connections. A man-in-the-middle attacker could exploit this vulnerability by sending a crafted TLS packet to an affected device. A successful exploit could allow the attacker to spoof a trusted host and then extract sensitive information or alter certain API requests. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. The product mainly has functions such as advanced threat prevention, monitoring and response

Show details on source website


{
   "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
      affected_products: {
         "@id": "https://www.variotdbs.pl/ref/affected_products",
      },
      configurations: {
         "@id": "https://www.variotdbs.pl/ref/configurations",
      },
      credits: {
         "@id": "https://www.variotdbs.pl/ref/credits",
      },
      cvss: {
         "@id": "https://www.variotdbs.pl/ref/cvss/",
      },
      description: {
         "@id": "https://www.variotdbs.pl/ref/description/",
      },
      exploit_availability: {
         "@id": "https://www.variotdbs.pl/ref/exploit_availability/",
      },
      external_ids: {
         "@id": "https://www.variotdbs.pl/ref/external_ids/",
      },
      iot: {
         "@id": "https://www.variotdbs.pl/ref/iot/",
      },
      iot_taxonomy: {
         "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/",
      },
      patch: {
         "@id": "https://www.variotdbs.pl/ref/patch/",
      },
      problemtype_data: {
         "@id": "https://www.variotdbs.pl/ref/problemtype_data/",
      },
      references: {
         "@id": "https://www.variotdbs.pl/ref/references/",
      },
      sources: {
         "@id": "https://www.variotdbs.pl/ref/sources/",
      },
      sources_release_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_release_date/",
      },
      sources_update_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_update_date/",
      },
      threat_type: {
         "@id": "https://www.variotdbs.pl/ref/threat_type/",
      },
      title: {
         "@id": "https://www.variotdbs.pl/ref/title/",
      },
      type: {
         "@id": "https://www.variotdbs.pl/ref/type/",
      },
   },
   "@id": "https://www.variotdbs.pl/vuln/VAR-202106-0633",
   affected_products: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            model: "asyncos",
            scope: "lt",
            trust: 1,
            vendor: "cisco",
            version: "12.0.3-005",
         },
         {
            model: "asyncos",
            scope: "gte",
            trust: 1,
            vendor: "cisco",
            version: "13.5",
         },
         {
            model: "asyncos",
            scope: "lt",
            trust: 1,
            vendor: "cisco",
            version: "13.0.0-030",
         },
         {
            model: "asyncos",
            scope: "gte",
            trust: 1,
            vendor: "cisco",
            version: "12.5.0",
         },
         {
            model: "asyncos",
            scope: "lt",
            trust: 1,
            vendor: "cisco",
            version: "13.5.3-010",
         },
         {
            model: "asyncos",
            scope: "lt",
            trust: 1,
            vendor: "cisco",
            version: "12.5.1-043",
         },
         {
            model: "email security appliance",
            scope: "eq",
            trust: 1,
            vendor: "cisco",
            version: null,
         },
         {
            model: "asyncos",
            scope: "lt",
            trust: 1,
            vendor: "cisco",
            version: "11.8.3-021",
         },
         {
            model: "asyncos",
            scope: "gte",
            trust: 1,
            vendor: "cisco",
            version: "13.0",
         },
         {
            model: "asyncos",
            scope: "gte",
            trust: 1,
            vendor: "cisco",
            version: "12.0.0",
         },
         {
            model: "web security appliance",
            scope: "eq",
            trust: 1,
            vendor: "cisco",
            version: null,
         },
         {
            model: "asyncos",
            scope: "lt",
            trust: 1,
            vendor: "cisco",
            version: "12.5.3-035",
         },
         {
            model: "cisco e メール セキュリティ アプライアンス",
            scope: null,
            trust: 0.8,
            vendor: "シスコシステムズ",
            version: null,
         },
         {
            model: "cisco web セキュリティ アプライアンス",
            scope: null,
            trust: 0.8,
            vendor: "シスコシステムズ",
            version: null,
         },
         {
            model: "cisco asyncos",
            scope: null,
            trust: 0.8,
            vendor: "シスコシステムズ",
            version: null,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2021-008227",
         },
         {
            db: "NVD",
            id: "CVE-2021-1566",
         },
      ],
   },
   configurations: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/configurations#",
         children: {
            "@container": "@list",
         },
         cpe_match: {
            "@container": "@list",
         },
         data: {
            "@container": "@list",
         },
         nodes: {
            "@container": "@list",
         },
      },
      data: [
         {
            CVE_data_version: "4.0",
            nodes: [
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:cisco:email_security_appliance:-:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndExcluding: "12.5.3-035",
                        vulnerable: true,
                     },
                  ],
                  operator: "AND",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:cisco:email_security_appliance:-:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndExcluding: "13.0.0-030",
                        versionStartIncluding: "13.0",
                        vulnerable: true,
                     },
                  ],
                  operator: "AND",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:cisco:email_security_appliance:-:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndExcluding: "13.5.3-010",
                        versionStartIncluding: "13.5",
                        vulnerable: true,
                     },
                  ],
                  operator: "AND",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:cisco:web_security_appliance:-:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndExcluding: "11.8.3-021",
                        vulnerable: true,
                     },
                  ],
                  operator: "AND",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:cisco:web_security_appliance:-:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndExcluding: "12.0.3-005",
                        versionStartIncluding: "12.0.0",
                        vulnerable: true,
                     },
                  ],
                  operator: "AND",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:cisco:web_security_appliance:-:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndExcluding: "12.5.1-043",
                        versionStartIncluding: "12.5.0",
                        vulnerable: true,
                     },
                  ],
                  operator: "AND",
               },
            ],
         },
      ],
      sources: [
         {
            db: "NVD",
            id: "CVE-2021-1566",
         },
      ],
   },
   cve: "CVE-2021-1566",
   cvss: {
      "@context": {
         cvssV2: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2",
         },
         cvssV3: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/",
         },
         severity: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/cvss/severity#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            cvssV2: [
               {
                  acInsufInfo: false,
                  accessComplexity: "MEDIUM",
                  accessVector: "NETWORK",
                  authentication: "NONE",
                  author: "NVD",
                  availabilityImpact: "NONE",
                  baseScore: 5.8,
                  confidentialityImpact: "PARTIAL",
                  exploitabilityScore: 8.6,
                  impactScore: 4.9,
                  integrityImpact: "PARTIAL",
                  obtainAllPrivilege: false,
                  obtainOtherPrivilege: false,
                  obtainUserPrivilege: false,
                  severity: "MEDIUM",
                  trust: 1,
                  userInteractionRequired: false,
                  vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N",
                  version: "2.0",
               },
               {
                  acInsufInfo: null,
                  accessComplexity: "Medium",
                  accessVector: "Network",
                  authentication: "None",
                  author: "NVD",
                  availabilityImpact: "None",
                  baseScore: 5.8,
                  confidentialityImpact: "Partial",
                  exploitabilityScore: null,
                  id: "CVE-2021-1566",
                  impactScore: null,
                  integrityImpact: "Partial",
                  obtainAllPrivilege: null,
                  obtainOtherPrivilege: null,
                  obtainUserPrivilege: null,
                  severity: "Medium",
                  trust: 0.8,
                  userInteractionRequired: null,
                  vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N",
                  version: "2.0",
               },
               {
                  accessComplexity: "MEDIUM",
                  accessVector: "NETWORK",
                  authentication: "NONE",
                  author: "VULHUB",
                  availabilityImpact: "NONE",
                  baseScore: 5.8,
                  confidentialityImpact: "PARTIAL",
                  exploitabilityScore: 8.6,
                  id: "VHN-374620",
                  impactScore: 4.9,
                  integrityImpact: "PARTIAL",
                  severity: "MEDIUM",
                  trust: 0.1,
                  vectorString: "AV:N/AC:M/AU:N/C:P/I:P/A:N",
                  version: "2.0",
               },
            ],
            cvssV3: [
               {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  author: "NVD",
                  availabilityImpact: "NONE",
                  baseScore: 7.4,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  exploitabilityScore: 2.2,
                  impactScore: 5.2,
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  trust: 2,
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
               {
                  attackComplexity: "High",
                  attackVector: "Network",
                  author: "NVD",
                  availabilityImpact: "None",
                  baseScore: 7.4,
                  baseSeverity: "High",
                  confidentialityImpact: "High",
                  exploitabilityScore: null,
                  id: "CVE-2021-1566",
                  impactScore: null,
                  integrityImpact: "High",
                  privilegesRequired: "None",
                  scope: "Unchanged",
                  trust: 0.8,
                  userInteraction: "None",
                  vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  version: "3.0",
               },
            ],
            severity: [
               {
                  author: "NVD",
                  id: "CVE-2021-1566",
                  trust: 1.8,
                  value: "HIGH",
               },
               {
                  author: "ykramarz@cisco.com",
                  id: "CVE-2021-1566",
                  trust: 1,
                  value: "HIGH",
               },
               {
                  author: "CNNVD",
                  id: "CNNVD-202104-975",
                  trust: 0.6,
                  value: "MEDIUM",
               },
               {
                  author: "CNNVD",
                  id: "CNNVD-202106-1319",
                  trust: 0.6,
                  value: "HIGH",
               },
               {
                  author: "VULHUB",
                  id: "VHN-374620",
                  trust: 0.1,
                  value: "MEDIUM",
               },
            ],
         },
      ],
      sources: [
         {
            db: "VULHUB",
            id: "VHN-374620",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-008227",
         },
         {
            db: "NVD",
            id: "CVE-2021-1566",
         },
         {
            db: "NVD",
            id: "CVE-2021-1566",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202104-975",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202106-1319",
         },
      ],
   },
   description: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/description#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to intercept traffic between an affected device and the AMP servers. This vulnerability is due to improper certificate validation when an affected device establishes TLS connections. A man-in-the-middle attacker could exploit this vulnerability by sending a crafted TLS packet to an affected device. A successful exploit could allow the attacker to spoof a trusted host and then extract sensitive information or alter certain API requests. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. The product mainly has functions such as advanced threat prevention, monitoring and response",
      sources: [
         {
            db: "NVD",
            id: "CVE-2021-1566",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-008227",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202104-975",
         },
         {
            db: "VULHUB",
            id: "VHN-374620",
         },
      ],
      trust: 2.25,
   },
   external_ids: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            db: "NVD",
            id: "CVE-2021-1566",
            trust: 3.3,
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-008227",
            trust: 0.8,
         },
         {
            db: "CS-HELP",
            id: "SB2021041363",
            trust: 0.6,
         },
         {
            db: "CNNVD",
            id: "CNNVD-202104-975",
            trust: 0.6,
         },
         {
            db: "CS-HELP",
            id: "SB2021061621",
            trust: 0.6,
         },
         {
            db: "AUSCERT",
            id: "ESB-2021.2151",
            trust: 0.6,
         },
         {
            db: "CNNVD",
            id: "CNNVD-202106-1319",
            trust: 0.6,
         },
         {
            db: "VULHUB",
            id: "VHN-374620",
            trust: 0.1,
         },
      ],
      sources: [
         {
            db: "VULHUB",
            id: "VHN-374620",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-008227",
         },
         {
            db: "NVD",
            id: "CVE-2021-1566",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202104-975",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202106-1319",
         },
      ],
   },
   id: "VAR-202106-0633",
   iot: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/iot#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: true,
      sources: [
         {
            db: "VULHUB",
            id: "VHN-374620",
         },
      ],
      trust: 0.54258195,
   },
   last_update_date: "2023-12-18T10:55:00.861000Z",
   patch: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/patch#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            title: "cisco-sa-esa-wsa-cert-vali-n8L97RW",
            trust: 0.8,
            url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-esa-wsa-cert-vali-n8l97rw",
         },
         {
            title: "Cisco Advanced Malware Protection Repair measures for trust management problem vulnerabilities",
            trust: 0.6,
            url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=155298",
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2021-008227",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202106-1319",
         },
      ],
   },
   problemtype_data: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            problemtype: "CWE-295",
            trust: 1.1,
         },
         {
            problemtype: "Bad certificate verification (CWE-295) [NVD Evaluation ]",
            trust: 0.8,
         },
      ],
      sources: [
         {
            db: "VULHUB",
            id: "VHN-374620",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-008227",
         },
         {
            db: "NVD",
            id: "CVE-2021-1566",
         },
      ],
   },
   references: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/references#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            trust: 2.3,
            url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-esa-wsa-cert-vali-n8l97rw",
         },
         {
            trust: 0.8,
            url: "https://nvd.nist.gov/vuln/detail/cve-2021-1566",
         },
         {
            trust: 0.6,
            url: "https://www.cybersecurity-help.cz/vdb/sb2021041363",
         },
         {
            trust: 0.6,
            url: "https://www.cybersecurity-help.cz/vdb/sb2021061621",
         },
         {
            trust: 0.6,
            url: "https://vigilance.fr/vulnerability/cisco-esa-wsa-man-in-the-middle-via-amp-35708",
         },
         {
            trust: 0.6,
            url: "https://www.auscert.org.au/bulletins/esb-2021.2151",
         },
      ],
      sources: [
         {
            db: "VULHUB",
            id: "VHN-374620",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-008227",
         },
         {
            db: "NVD",
            id: "CVE-2021-1566",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202104-975",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202106-1319",
         },
      ],
   },
   sources: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            db: "VULHUB",
            id: "VHN-374620",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-008227",
         },
         {
            db: "NVD",
            id: "CVE-2021-1566",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202104-975",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202106-1319",
         },
      ],
   },
   sources_release_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2021-06-16T00:00:00",
            db: "VULHUB",
            id: "VHN-374620",
         },
         {
            date: "2022-03-08T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2021-008227",
         },
         {
            date: "2021-06-16T18:15:08.710000",
            db: "NVD",
            id: "CVE-2021-1566",
         },
         {
            date: "2021-04-13T00:00:00",
            db: "CNNVD",
            id: "CNNVD-202104-975",
         },
         {
            date: "2021-06-16T00:00:00",
            db: "CNNVD",
            id: "CNNVD-202106-1319",
         },
      ],
   },
   sources_update_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2021-06-23T00:00:00",
            db: "VULHUB",
            id: "VHN-374620",
         },
         {
            date: "2022-03-08T08:02:00",
            db: "JVNDB",
            id: "JVNDB-2021-008227",
         },
         {
            date: "2023-11-07T03:28:38.887000",
            db: "NVD",
            id: "CVE-2021-1566",
         },
         {
            date: "2021-04-14T00:00:00",
            db: "CNNVD",
            id: "CNNVD-202104-975",
         },
         {
            date: "2021-06-28T00:00:00",
            db: "CNNVD",
            id: "CNNVD-202106-1319",
         },
      ],
   },
   threat_type: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "remote",
      sources: [
         {
            db: "CNNVD",
            id: "CNNVD-202106-1319",
         },
      ],
      trust: 0.6,
   },
   title: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/title#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Cisco Email Security Appliance  and  Cisco Web Security Appliance  for  Cisco AsyncOS  Vulnerability in Certificate Verification",
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2021-008227",
         },
      ],
      trust: 0.8,
   },
   type: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/type#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "other",
      sources: [
         {
            db: "CNNVD",
            id: "CNNVD-202104-975",
         },
      ],
      trust: 0.6,
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.