wid-sec-w-2023-0431
Vulnerability from csaf_certbund
Published
2014-10-14 22:00
Modified
2023-04-16 22:00
Summary
SSL 3.0: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in SSL 3.0 ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- UNIX
- Linux
- MacOS X
- Windows
- CISCO Appliance
- Juniper Appliance
- F5 Networks
- Appliance
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "OpenSSL ist eine im Quelltext frei verf\u00fcgbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in SSL 3.0 ausnutzen, um Sicherheitsvorkehrungen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- MacOS X\n- Windows\n- CISCO Appliance\n- Juniper Appliance\n- F5 Networks\n- Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0431 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2014/wid-sec-w-2023-0431.json" }, { "category": "self", "summary": "WID-SEC-2023-0431 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0431" }, { "category": "external", "summary": "IBM Security Bulletin 867654 vom 2023-04-14", "url": "https://www.ibm.com/support/pages/node/867654" }, { "category": "external", "summary": "Microsoft Security Advisory 3009008 vom 2014-10-14", "url": "https://technet.microsoft.com/en-us/library/security/3009008" }, { "category": "external", "summary": "Splunk Product Security Announcement SP-CAAANKE vom 2014-10-14", "url": "http://www.splunk.com/view/SP-CAAANKE" }, { "category": "external", "summary": "OpenSSL Security Advisory \"This POODLE Bites: Exploiting The SSL 3.0 Fallback\"", "url": "https://www.openssl.org/~bodo/ssl-poodle.pdf" }, { "category": "external", "summary": "Mozilla Security Blog \"The POODLE Attack and the End of SSL 3.0\" vom 2014-10-14", "url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/" }, { "category": "external", "summary": "Google Online Security Blog \"This POODLE bites: exploiting the SSL 3.0 fallback\" vom 2014-10-14", "url": "http://googleonlinesecurity.blogspot.de/2014/10/this-poodle-bites-exploiting-ssl-30.html" }, { "category": "external", "summary": "F5 Security Advisory SOL15702 vom 2014-10-14", "url": "https://support.f5.com/kb/en-us/solutions/public/15000/700/sol15702.html" }, { "category": "external", "summary": "OpenSSL Security Advisory vom 2014-10-15", "url": "https://www.openssl.org/news/secadv_20141015.txt" }, { "category": "external", "summary": "IBM Security Bulletin #1687172 vom 2014-10-15", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172" }, { "category": "external", "summary": "Juniper Security Bulletin vom 2014-10-15", "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10656" }, { "category": "external", "summary": "Fortinet Security Advisory vom 2014-10-15", "url": "http://www.fortiguard.com/advisory/SSL-v3--POODLE--Vulnerability/" }, { "category": "external", "summary": "Debian Security Advisory DSA-3053-1 vom 2014-10-16", "url": "https://www.debian.org/security/2014/dsa-3053" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2014:1653-1 vom 2014-10-16", "url": "http://rhn.redhat.com/errata/RHSA-2014-1653.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2014:1652-1 vom 2014-10-16", "url": "http://rhn.redhat.com/errata/RHSA-2014-1652.html" }, { "category": "external", "summary": "CentOS Errata and Security Advisory 2014:1653", "url": "http://lists.centos.org/pipermail/centos-announce/2014-October/020693.html" }, { "category": "external", "summary": "CentOS Errata and Security Advisory 2014:1652", "url": "http://lists.centos.org/pipermail/centos-announce/2014-October/020695.html" }, { "category": "external", "summary": "SANS Institute Community vom 2014-10-16", "url": "https://isc.sans.edu/forums/diary/POODLE+Turning+off+SSLv3+for+various+servers+and+client+/18837" }, { "category": "external", "summary": "Cisco Security Advisory cisco-sa-20141015-poodle vom 2014-10-16", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle" }, { "category": "external", "summary": "Apple Security Advisory HT6531 vom 2014-10-16", "url": "https://support.apple.com/kb/HT6531" }, { "category": "external", "summary": "Apple Security Advisory HT6529 vom 2014-10-16", "url": "https://support.apple.com/kb/HT6529" }, { "category": "external", "summary": "Apple Security Advisory HT6527 vom 2014-10-16", "url": "https://support.apple.com/kb/HT6527" }, { "category": "external", "summary": "Apple Security Advisory HT6536 vom 2014-10-16", "url": "https://support.apple.com/kb/HT6536" }, { "category": "external", "summary": "Juniper Security Bulletin JSA10656 vom 2014-10-16", "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10656\u0026cat=SIRT_1\u0026actp=LIST" }, { "category": "external", "summary": "Eintrag in Blackberry Knowledge Base: Article ID: KB36397", "url": "http://btsc.webapps.blackberry.com/btsc/dynamickc.do?externalId=KB36397\u0026sliceID=1\u0026command=show\u0026forward=nonthreadedKC\u0026kcId=KB36397" }, { "category": "external", "summary": "Asterisk Project Security Advisory - AST-2014-011", "url": "http://downloads.asterisk.org/pub/security/AST-2014-011.pdf" }, { "category": "external", "summary": "CVE-2014-3566 vom 2014-10-20", "url": "http://downloads.asterisk.org/pub/security/AST-2014-011.pdf" }, { "category": "external", "summary": "Mandriva Security Advisory MDVSA-2014:203 vom 2014-10-23", "url": "http://www.mandriva.com/de/support/security/advisories/advisory/MDVSA-2014%3A203/" }, { "category": "external", "summary": "FSC-2014-8 vom 2014-10-24", "url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-8" }, { "category": "external", "summary": "sa83 vom 2014-10-27", "url": "https://kb.bluecoat.com/security-advisory/sa83" }, { "category": "external", "summary": "IBM Security Bulletin #1687678 vom 2014-10-27", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687678" }, { "category": "external", "summary": "CTX200238 vom 2014-10-29", "url": "http://support.citrix.com/article/CTX200238" }, { "category": "external", "summary": "IBM SECURITY ADVISORY vom 2014-10-29", "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc" }, { "category": "external", "summary": "Update des Microsoft Security Advisory 3009008", "url": "https://technet.microsoft.com/en-us/library/security/3009008" }, { "category": "external", "summary": "IBM Security Bulletin 1688137 vom 2014-10-31", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688137" }, { "category": "external", "summary": "HP SECURITY BULLETIN", "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04492722" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2014:1357 vom 2014-11-04", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html" }, { "category": "external", "summary": "NetBSD Security Advisory 2014-015 vom 2014-11-06", "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc" }, { "category": "external", "summary": "Splunk Advisory SP-CAAANR7", "url": "http://www.splunk.com/view/SP-CAAANR7" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2014:1877-1 vom 2014-11-19", "url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2014:1876-1 vom 2014-11-19", "url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2014:1882-1 vom 2014-11-20", "url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2014:1881-2 vom 2014-11-20", "url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2014:1880-1 vom 2014-11-20", "url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2015:0012 vom 2015-01-06", "url": "https://rhn.redhat.com/errata/RHSA-2015-0012.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2015:0011 vom 2015-01-06", "url": "https://rhn.redhat.com/errata/RHSA-2015-0011.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2015:0010 vom 2015-01-06", "url": "https://rhn.redhat.com/errata/RHSA-2015-0010.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2015:0010-1 vom 2015-01-05", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00000.html" }, { "category": "external", "summary": "Debian Security Advisory DSA-3147-1 vom 2015-01-30", "url": "https://www.debian.org/security/2015/dsa-3147" }, { "category": "external", "summary": "Debian Security Advisory DSA-3144-1 vom 2015-01-30", "url": "https://www.debian.org/security/2015/dsa-3144" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2015:0698-1 vom 2015-03-18", "url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2015:0578-1 vom 2015-03-23", "url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150578-1.html" }, { "category": "external", "summary": "HP Security Bulletin HPSBMU03263", "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04574073" }, { "category": "external", "summary": "Mandriva Security Advisory MDVSA-2015:062 vom 2015-03-27", "url": "http://www.mandriva.com/de/support/security/advisories/advisory/MDVSA-2015%3A062/" }, { "category": "external", "summary": "Debian Security Advisory DSA-3253-1 vom 2015-05-08", "url": "https://www.debian.org/security/2015/dsa-3253" }, { "category": "external", "summary": "HP Security Bulletin HPSBHF03300 rev.3 vom 2015-06-04", "url": "https://h20565.www2.hp.com/hpsc/doc/public/display?calledBy=\u0026docId=emr_na-c04616259\u0026docLocale=en_US" }, { "category": "external", "summary": "Red Hat Security Advisory vom 2015-08-04", "url": "http://rhn.redhat.com/errata/RHSA-2015-1546.html" }, { "category": "external", "summary": "Red Hat Security Advisory vom 2015-08-04", "url": "http://rhn.redhat.com/errata/RHSA-2015-1545.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2014:1519-1 vom 2015-10-09", "url": "https://www.suse.com/support/update/announcement/2014/suse-su-20141519-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2014:1361-1 vom 2016-01-22", "url": "https://www.suse.com/support/update/announcement/2014/suse-su-20141361-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2014:1357-1 vom 2016-01-22", "url": "https://www.suse.com/support/update/announcement/2014/suse-su-20141357-1.html" }, { "category": "external", "summary": "Debian Security Advisory DSA-3489 vom 2016-02-24", "url": "https://www.debian.org/security/2016/dsa-3489" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2016:2396-1 vom 2016-09-27", "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162396-1.html" }, { "category": "external", "summary": "NetApp Advisory NTAP-20141015-0001", "url": "https://kb.netapp.com/support/s/article/ka51A000000079xQAA/cve-2014-3566-ssl-v3-0-nondeterministic-cbc-padding-vulnerability-in-multiple-netapp-products?language=en_US" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2019-4581 vom 2019-03-13", "url": "http://linux.oracle.com/errata/ELSA-2019-4581.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2019-4747 vom 2019-08-16", "url": "http://linux.oracle.com/errata/ELSA-2019-4747.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2021-9150 vom 2021-04-01", "url": "https://linux.oracle.com/errata/ELSA-2021-9150.html" }, { "category": "external", "summary": "IBM Security Bulletin 690369 vom 2023-02-20", "url": "https://www.ibm.com/support/pages/node/690369" } ], "source_lang": "en-US", "title": "SSL 3.0: Schwachstelle erm\u00f6glicht Umgehen von Sicherheitsvorkehrungen", "tracking": { "current_release_date": "2023-04-16T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:15:14.237+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-0431", "initial_release_date": "2014-10-14T22:00:00.000+00:00", "revision_history": [ { "date": "2014-10-14T22:00:00.000+00:00", "number": "1", "summary": "Initial Release" }, { "date": "2014-10-14T22:00:00.000+00:00", "number": "2", "summary": "Version nicht vorhanden" }, { "date": "2014-10-14T22:00:00.000+00:00", "number": "3", "summary": "Version nicht vorhanden" }, { "date": "2014-10-14T22:00:00.000+00:00", "number": "4", "summary": "Version nicht vorhanden" }, { "date": "2014-10-14T22:00:00.000+00:00", "number": "5", "summary": "Version nicht vorhanden" }, { "date": "2014-10-15T22:00:00.000+00:00", "number": "6", "summary": "New remediations available" }, { "date": "2014-10-15T22:00:00.000+00:00", "number": "7", "summary": "New remediations available" }, { "date": "2014-10-15T22:00:00.000+00:00", "number": "8", "summary": "New remediations available" }, { "date": "2014-10-15T22:00:00.000+00:00", "number": "9", "summary": "New remediations available" }, { "date": "2014-10-15T22:00:00.000+00:00", "number": "10", "summary": "Version nicht vorhanden" }, { "date": "2014-10-16T22:00:00.000+00:00", "number": "11", "summary": "New remediations available" }, { "date": "2014-10-16T22:00:00.000+00:00", "number": "12", "summary": "New remediations available" }, { "date": "2014-10-16T22:00:00.000+00:00", "number": "13", "summary": "New remediations available" }, { "date": "2014-10-16T22:00:00.000+00:00", "number": "14", "summary": "Version nicht vorhanden" }, { "date": "2014-10-16T22:00:00.000+00:00", "number": "15", "summary": "Version nicht vorhanden" }, { "date": "2014-10-16T22:00:00.000+00:00", "number": "16", "summary": "Version nicht vorhanden" }, { "date": "2014-10-16T22:00:00.000+00:00", "number": "17", "summary": "Version nicht vorhanden" }, { "date": "2014-10-16T22:00:00.000+00:00", "number": "18", "summary": "Version nicht vorhanden" }, { "date": "2014-10-20T22:00:00.000+00:00", "number": "19", "summary": "New remediations available" }, { "date": "2014-10-20T22:00:00.000+00:00", "number": "20", "summary": "Version nicht vorhanden" }, { "date": "2014-10-23T22:00:00.000+00:00", "number": "21", "summary": "New remediations available" }, { "date": "2014-10-26T23:00:00.000+00:00", "number": "22", "summary": "New remediations available" }, { "date": "2014-10-26T23:00:00.000+00:00", "number": "23", "summary": "Version nicht vorhanden" }, { "date": "2014-10-27T23:00:00.000+00:00", "number": "24", "summary": "New remediations available" }, { "date": "2014-10-27T23:00:00.000+00:00", "number": "25", "summary": "Version nicht vorhanden" }, { "date": "2014-10-27T23:00:00.000+00:00", "number": "26", "summary": "Version nicht vorhanden" }, { "date": "2014-10-29T23:00:00.000+00:00", "number": "27", "summary": "New remediations available" }, { "date": "2014-10-29T23:00:00.000+00:00", "number": "28", "summary": "Version nicht vorhanden" }, { "date": "2014-10-29T23:00:00.000+00:00", "number": "29", "summary": "New remediations available" }, { "date": "2014-10-29T23:00:00.000+00:00", "number": "30", "summary": "Version nicht vorhanden" }, { "date": "2014-10-29T23:00:00.000+00:00", "number": "31", "summary": "Version nicht vorhanden" }, { "date": "2014-10-29T23:00:00.000+00:00", "number": "32", "summary": "Version nicht vorhanden" }, { "date": "2014-11-02T23:00:00.000+00:00", "number": "33", "summary": "New remediations available" }, { "date": "2014-11-02T23:00:00.000+00:00", "number": "34", "summary": "Version nicht vorhanden" }, { "date": "2014-11-02T23:00:00.000+00:00", "number": "35", "summary": "New remediations available" }, { "date": "2014-11-02T23:00:00.000+00:00", "number": "36", "summary": "Version nicht vorhanden" }, { "date": "2014-11-04T23:00:00.000+00:00", "number": "37", "summary": "New remediations available" }, { "date": "2014-11-04T23:00:00.000+00:00", "number": "38", "summary": "Version nicht vorhanden" }, { "date": "2014-11-04T23:00:00.000+00:00", "number": "39", "summary": "Version nicht vorhanden" }, { "date": "2014-11-06T23:00:00.000+00:00", "number": "40", "summary": "New remediations available" }, { "date": "2014-11-06T23:00:00.000+00:00", "number": "41", "summary": "Version nicht vorhanden" }, { "date": "2014-11-11T23:00:00.000+00:00", "number": "42", "summary": "New remediations available" }, { "date": "2014-11-19T23:00:00.000+00:00", "number": "43", "summary": "New remediations available" }, { "date": "2014-11-20T23:00:00.000+00:00", "number": "44", "summary": "New remediations available" }, { "date": "2014-11-20T23:00:00.000+00:00", "number": "45", "summary": "Version nicht vorhanden" }, { "date": "2015-01-05T23:00:00.000+00:00", "number": "46", "summary": "New remediations available" }, { "date": "2015-01-05T23:00:00.000+00:00", "number": "47", "summary": "New remediations available" }, { "date": "2015-01-05T23:00:00.000+00:00", "number": "48", "summary": "New remediations available" }, { "date": "2015-02-01T23:00:00.000+00:00", "number": "49", "summary": "New remediations available" }, { "date": "2015-02-01T23:00:00.000+00:00", "number": "50", "summary": "Version nicht vorhanden" }, { "date": "2015-02-01T23:00:00.000+00:00", "number": "51", "summary": "Version nicht vorhanden" }, { "date": "2015-03-18T23:00:00.000+00:00", "number": "52", "summary": "New remediations available" }, { "date": "2015-03-23T23:00:00.000+00:00", "number": "53", "summary": "New remediations available" }, { "date": "2015-03-24T23:00:00.000+00:00", "number": "54", "summary": "New remediations available" }, { "date": "2015-03-24T23:00:00.000+00:00", "number": "55", "summary": "Version nicht vorhanden" }, { "date": "2015-03-29T22:00:00.000+00:00", "number": "56", "summary": "New remediations available" }, { "date": "2015-05-10T22:00:00.000+00:00", "number": "57", "summary": "New remediations available" }, { "date": "2015-05-10T22:00:00.000+00:00", "number": "58", "summary": "Version nicht vorhanden" }, { "date": "2015-06-04T22:00:00.000+00:00", "number": "59", "summary": "New remediations available" }, { "date": "2015-06-04T22:00:00.000+00:00", "number": "60", "summary": "Version nicht vorhanden" }, { "date": "2015-08-04T22:00:00.000+00:00", "number": "61", "summary": "New remediations available" }, { "date": "2015-08-04T22:00:00.000+00:00", "number": "62", "summary": "Version nicht vorhanden" }, { "date": "2015-08-04T22:00:00.000+00:00", "number": "63", "summary": "Version nicht vorhanden" }, { "date": "2015-08-04T22:00:00.000+00:00", "number": "64", "summary": "Version nicht vorhanden" }, { "date": "2015-08-04T22:00:00.000+00:00", "number": "65", "summary": "Version nicht vorhanden" }, { "date": "2015-08-04T22:00:00.000+00:00", "number": "66", "summary": "Version nicht vorhanden" }, { "date": "2015-10-08T22:00:00.000+00:00", "number": "67", "summary": "New remediations available" }, { "date": "2015-10-08T22:00:00.000+00:00", "number": "68", "summary": "Version nicht vorhanden" }, { "date": "2016-01-24T23:00:00.000+00:00", "number": "69", "summary": "New remediations available" }, { "date": "2016-02-24T23:00:00.000+00:00", "number": "70", "summary": "New remediations available" }, { "date": "2016-09-27T22:00:00.000+00:00", "number": "71", "summary": "New remediations available" }, { "date": "2017-02-19T23:00:00.000+00:00", "number": "72", "summary": "New remediations available" }, { "date": "2017-02-19T23:00:00.000+00:00", "number": "73", "summary": "Version nicht vorhanden" }, { "date": "2019-03-13T23:00:00.000+00:00", "number": "74", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2019-08-18T22:00:00.000+00:00", "number": "75", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2021-03-31T22:00:00.000+00:00", "number": "76", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2023-02-19T23:00:00.000+00:00", "number": "77", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2023-04-16T22:00:00.000+00:00", "number": "78", "summary": "Neue Updates von IBM aufgenommen" } ], "status": "final", "version": "78" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Apache HTTP Server", "product": { "name": "Apache HTTP Server", "product_id": "5119", "product_identification_helper": { "cpe": "cpe:/a:apache:http_server:-" } } } ], "category": "vendor", "name": "Apache" }, { "branches": [ { "category": "product_name", "name": "Broadcom Brocade Switch", "product": { "name": "Broadcom Brocade Switch", "product_id": "T015844", "product_identification_helper": { "cpe": "cpe:/h:brocade:switch:-" } } } ], "category": "vendor", "name": "Broadcom" }, { "branches": [ { "category": "product_name", "name": "Cisco AnyConnect Secure Mobility Solution", "product": { "name": "Cisco AnyConnect Secure Mobility Solution", "product_id": "T001830", "product_identification_helper": { "cpe": "cpe:/a:cisco:anyconnect_secure_mobility_client:-" } } }, { "category": "product_name", "name": "Cisco CSS", "product": { "name": "Cisco CSS", "product_id": "T003260", "product_identification_helper": { "cpe": "cpe:/h:cisco:content_services_switch:-" } } }, { "category": "product_name", "name": "Cisco IOS", "product": { "name": "Cisco IOS", "product_id": "T001045", "product_identification_helper": { "cpe": "cpe:/o:cisco:ios:-" } } }, { "category": "product_name", "name": "Cisco IOS XE", "product": { "name": "Cisco IOS XE", "product_id": "T001605", "product_identification_helper": { "cpe": "cpe:/o:cisco:ios_xe:-" } } }, { "category": "product_name", "name": "Cisco NX-OS", "product": { "name": "Cisco NX-OS", "product_id": "T000310", "product_identification_helper": { "cpe": "cpe:/o:cisco:nx-os:-" } } }, { "category": "product_name", "name": "Cisco Nexus", "product": { "name": "Cisco Nexus", "product_id": "T004033", "product_identification_helper": { "cpe": "cpe:/h:cisco:nexus:-" } } }, { "category": "product_name", "name": "Cisco Wireless LAN Controllers", "product": { "name": "Cisco Wireless LAN Controllers", "product_id": "1889", "product_identification_helper": { "cpe": "cpe:/a:cisco:wireless_lan_controllers:-" } } } ], "category": "vendor", "name": "Cisco" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Debian Linux Wheezy (7.0)", "product": { "name": "Debian Linux Wheezy (7.0)", "product_id": "T001572", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:7.0" } } }, { "category": "product_name", "name": "Debian Linux Jessie (8.0)", "product": { "name": "Debian Linux Jessie (8.0)", "product_id": "T004932", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:8.0" } } } ], "category": "product_name", "name": "Linux" } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Digium Certified Asterisk 11.6", "product": { "name": "Digium Certified Asterisk 11.6", "product_id": "T004042", "product_identification_helper": { "cpe": "cpe:/a:digium:certified_asterisk:11.6" } } }, { "category": "product_name", "name": "Digium Certified Asterisk 1.8.28", "product": { "name": "Digium Certified Asterisk 1.8.28", "product_id": "T004043", "product_identification_helper": { "cpe": "cpe:/a:digium:certified_asterisk:1.8.28" } } } ], "category": "product_name", "name": "Certified Asterisk" } ], "category": "vendor", "name": "Digium" }, { "branches": [ { "category": "product_name", "name": "F-Secure Linux Security", "product": { "name": "F-Secure Linux Security", "product_id": "T004062", "product_identification_helper": { "cpe": "cpe:/a:f-secure:linux_security:-" } } }, { "branches": [ { "category": "product_name", "name": "F-Secure Messaging Security Gateway 7.1", "product": { "name": "F-Secure Messaging Security Gateway 7.1", "product_id": "T004059", "product_identification_helper": { "cpe": "cpe:/o:f-secure:messaging_secure_gateway:7.1" } } }, { "category": "product_name", "name": "F-Secure Messaging Security Gateway 7.2", "product": { "name": "F-Secure Messaging Security Gateway 7.2", "product_id": "T004060", "product_identification_helper": { "cpe": "cpe:/o:f-secure:messaging_secure_gateway:7.2" } } }, { "category": "product_name", "name": "F-Secure Messaging Security Gateway 7.5", "product": { "name": "F-Secure Messaging Security Gateway 7.5", "product_id": "T004061", "product_identification_helper": { "cpe": "cpe:/o:f-secure:messaging_secure_gateway:7.5" } } } ], "category": "product_name", "name": "Messaging Security Gateway" } ], "category": "vendor", "name": "F-Secure" }, { "branches": [ { "category": "product_name", "name": "Fortinet FortiGate", "product": { "name": "Fortinet FortiGate", "product_id": "T004020", "product_identification_helper": { "cpe": "cpe:/h:fortinet:fortigate:-" } } }, { "category": "product_name", "name": "Fortinet FortiManager", "product": { "name": "Fortinet FortiManager", "product_id": "T003827", "product_identification_helper": { "cpe": "cpe:/a:fortinet:fortimanager:-" } } } ], "category": "vendor", "name": "Fortinet" }, { "branches": [ { "category": "product_name", "name": "Google Chrome", "product": { "name": "Google Chrome", "product_id": "T000173", "product_identification_helper": { "cpe": "cpe:/a:google:chrome:-" } } } ], "category": "vendor", "name": "Google" }, { "branches": [ { "category": "product_name", "name": "HPE HP-UX", "product": { "name": "HPE HP-UX", "product_id": "4871", "product_identification_helper": { "cpe": "cpe:/o:hp:hp-ux:-" } } }, { "category": "product_name", "name": "HPE Insight Control", "product": { "name": "HPE Insight Control", "product_id": "253293", "product_identification_helper": { "cpe": "cpe:/a:hp:insight_control_server_deployment:-" } } }, { "category": "product_name", "name": "HPE Router", "product": { "name": "HPE Router", "product_id": "T005120", "product_identification_helper": { "cpe": "cpe:/h:hp:router:-" } } }, { "category": "product_name", "name": "HPE Switch", "product": { "name": "HPE Switch", "product_id": "T005119", "product_identification_helper": { "cpe": "cpe:/h:hp:switch:-" } } } ], "category": "vendor", "name": "HPE" }, { "branches": [ { "category": "product_name", "name": "IBM AIX", "product": { "name": "IBM AIX", "product_id": "5094", "product_identification_helper": { "cpe": "cpe:/o:ibm:aix:-" } } }, { "category": "product_name", "name": "IBM BladeCenter", "product": { "name": "IBM BladeCenter", "product_id": "199316", "product_identification_helper": { "cpe": "cpe:/h:ibm:bladecenter:hs22" } } }, { "branches": [ { "category": "product_name", "name": "IBM FlashSystem 840", "product": { "name": "IBM FlashSystem 840", "product_id": "T026432", "product_identification_helper": { "cpe": "cpe:/a:ibm:flashsystem:840" } } }, { "category": "product_name", "name": "IBM FlashSystem v840", "product": { "name": "IBM FlashSystem v840", "product_id": "T026434", "product_identification_helper": { "cpe": "cpe:/a:ibm:flashsystem:v840" } } } ], "category": "product_name", "name": "FlashSystem" }, { "category": "product_name", "name": "IBM HTTP Server", "product": { "name": "IBM HTTP Server", "product_id": "T004019", "product_identification_helper": { "cpe": "cpe:/a:ibm:http_server:-" } } }, { "category": "product_name", "name": "IBM Rational Build Forge", "product": { "name": "IBM Rational Build Forge", "product_id": "T004089", "product_identification_helper": { "cpe": "cpe:/a:ibm:rational_build_forge:-" } } } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "category": "product_name", "name": "Juniper JUNOS", "product": { "name": "Juniper JUNOS", "product_id": "5930", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:-" } } }, { "category": "product_name", "name": "Juniper Junos Space", "product": { "name": "Juniper Junos Space", "product_id": "T003343", "product_identification_helper": { "cpe": "cpe:/a:juniper:junos_space:-" } } } ], "category": "vendor", "name": "Juniper" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Microsoft Windows 7", "product": { "name": "Microsoft Windows 7", "product_id": "160432", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_7:-:sp1:x86" } } }, { "category": "product_name", "name": "Microsoft Windows 7 x64 Edition", "product": { "name": "Microsoft Windows 7 x64 Edition", "product_id": "160711", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_7::sp1:x64" } } } ], "category": "product_name", "name": "Windows 7" }, { "branches": [ { "category": "product_name", "name": "Microsoft Windows 8.1 for 32-bit Systems", "product": { "name": "Microsoft Windows 8.1 for 32-bit Systems", "product_id": "T002139", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_8.1:::x86" } } }, { "category": "product_name", "name": "Microsoft Windows 8.1 for x64-based Systems", "product": { "name": "Microsoft Windows 8.1 for x64-based Systems", "product_id": "T002140", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_8.1:::x64" } } } ], "category": "product_name", "name": "Windows 8.1" }, { "category": "product_name", "name": "Microsoft Windows RT 8.1", "product": { "name": "Microsoft Windows RT 8.1", "product_id": "T002137", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_rt_8.1:-" } } }, { "branches": [ { "category": "product_name", "name": "Microsoft Windows Server 2008 for Itanium-based Systems Service Pack 2", "product": { "name": "Microsoft Windows Server 2008 for Itanium-based Systems Service Pack 2", "product_id": "106564", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_server_2008::sp2:itanium" } } }, { "category": "product_name", "name": "Microsoft Windows Server 2008 for x64-based Systems Service Pack 2", "product": { "name": "Microsoft Windows Server 2008 for x64-based Systems Service Pack 2", "product_id": "106566", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_server_2008:-:sp2:x64" } } }, { "category": "product_name", "name": "Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1", "product": { "name": "Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1", "product_id": "142951", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_server_2008:r2:sp1:x64" } } }, { "category": "product_name", "name": "Microsoft Windows Server 2008 R2 for Itanium-based Systems Service Pack 1", "product": { "name": "Microsoft Windows Server 2008 R2 for Itanium-based Systems Service Pack 1", "product_id": "144574", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_server_2008:r2:sp1:itanium" } } }, { "category": "product_name", "name": "Microsoft Windows Server 2008 Service Pack 2", "product": { "name": "Microsoft Windows Server 2008 Service Pack 2", "product_id": "160428", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_server_2008::sp2" } } } ], "category": "product_name", "name": "Windows Server 2008" }, { "branches": [ { "category": "product_name", "name": "Microsoft Windows Server 2012", "product": { "name": "Microsoft Windows Server 2012", "product_id": "185379", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_server_2012:-" } } }, { "category": "product_name", "name": "Microsoft Windows Server 2012 R2", "product": { "name": "Microsoft Windows Server 2012 R2", "product_id": "T002138", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_server_2012:r2" } } } ], "category": "product_name", "name": "Windows Server 2012" } ], "category": "vendor", "name": "Microsoft" }, { "branches": [ { "category": "product_name", "name": "Mozilla Firefox", "product": { "name": "Mozilla Firefox", "product_id": "7356", "product_identification_helper": { "cpe": "cpe:/a:mozilla:firefox:-" } } }, { "category": "product_name", "name": "Mozilla Firefox ESR", "product": { "name": "Mozilla Firefox ESR", "product_id": "T004029", "product_identification_helper": { "cpe": "cpe:/a:mozilla:firefox_esr:-" } } }, { "category": "product_name", "name": "Mozilla Thunderbird", "product": { "name": "Mozilla Thunderbird", "product_id": "9619", "product_identification_helper": { "cpe": "cpe:/a:mozilla:thunderbird:-" } } } ], "category": "vendor", "name": "Mozilla" }, { "branches": [ { "category": "product_name", "name": "NetApp OnCommand Unified Manager", "product": { "name": "NetApp OnCommand Unified Manager", "product_id": "T009408", "product_identification_helper": { "cpe": "cpe:/a:netapp:oncommand_unified_manager:-" } } } ], "category": "vendor", "name": "NetApp" }, { "branches": [ { "category": "product_name", "name": "NetBSD Foundation NetBSD OS", "product": { "name": "NetBSD Foundation NetBSD OS", "product_id": "7660", "product_identification_helper": { "cpe": "cpe:/o:netbsd:netbsd:-" } } } ], "category": "vendor", "name": "NetBSD Foundation" }, { "branches": [ { "category": "product_name", "name": "Open Source CentOS", "product": { "name": "Open Source CentOS", "product_id": "1727", "product_identification_helper": { "cpe": "cpe:/o:centos:centos:-" } } }, { "category": "product_name", "name": "Open Source Dovecot", "product": { "name": "Open Source Dovecot", "product_id": "T004031", "product_identification_helper": { "cpe": "cpe:/a:dovecot:dovecot:-" } } }, { "branches": [ { "category": "product_name", "name": "Open Source OpenSSL \u003c 1.0.1j", "product": { "name": "Open Source OpenSSL \u003c 1.0.1j", "product_id": "T004016", "product_identification_helper": { "cpe": "cpe:/a:openssl:openssl:1.0.1j" } } }, { "category": "product_name", "name": "Open Source OpenSSL \u003c 1.0.0o", "product": { "name": "Open Source OpenSSL \u003c 1.0.0o", "product_id": "T004017", "product_identification_helper": { "cpe": "cpe:/a:openssl:openssl:1.0.0o" } } }, { "category": "product_name", "name": "Open Source OpenSSL \u003c 0.9.8zc", "product": { "name": "Open Source OpenSSL \u003c 0.9.8zc", "product_id": "T004018", "product_identification_helper": { "cpe": "cpe:/a:openssl:openssl:0.9.8zc" } } } ], "category": "product_name", "name": "OpenSSL" }, { "category": "product_name", "name": "Open Source Postfix", "product": { "name": "Open Source Postfix", "product_id": "T004032", "product_identification_helper": { "cpe": "cpe:/a:postfix:postfix:-" } } } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } }, { "category": "product_name", "name": "Red Hat OpenShift Enterprise", "product": { "name": "Red Hat OpenShift Enterprise", "product_id": "T002673", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:2" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Apple Mac OS X", "product": { "name": "Apple Mac OS X", "product_id": "699", "product_identification_helper": { "cpe": "cpe:/o:apple:mac_os_x:-" } } }, { "category": "product_name", "name": "Apple OS X Server", "product": { "name": "Apple OS X Server", "product_id": "T004028", "product_identification_helper": { "cpe": "cpe:/o:apple:os_x_server:-" } } } ], "category": "vendor", "name": "apple" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Blue Coat Director 5.x", "product": { "name": "Blue Coat Director 5.x", "product_id": "T003287", "product_identification_helper": { "cpe": "cpe:/a:bluecoat:director:5.x" } } }, { "category": "product_name", "name": "Blue Coat Director 6.x", "product": { "name": "Blue Coat Director 6.x", "product_id": "T003288", "product_identification_helper": { "cpe": "cpe:/a:bluecoat:director:6.x" } } } ], "category": "product_name", "name": "director" }, { "branches": [ { "category": "product_name", "name": "Blue Coat ProxySG", "product": { "name": "Blue Coat ProxySG", "product_id": "1359", "product_identification_helper": { "cpe": "cpe:/h:bluecoat:proxysg:-" } } }, { "category": "product_name", "name": "Blue Coat ProxySG 6.x", "product": { "name": "Blue Coat ProxySG 6.x", "product_id": "T003291", "product_identification_helper": { "cpe": "cpe:/h:bluecoat:proxysg:6.x" } } } ], "category": "product_name", "name": "proxysg" } ], "category": "vendor", "name": "bluecoat" }, { "branches": [ { "category": "product_name", "name": "Cisco ASA (Adaptive Security Appliance)", "product": { "name": "Cisco ASA (Adaptive Security Appliance)", "product_id": "T001373", "product_identification_helper": { "cpe": "cpe:/o:cisco:adaptive_security_appliance:-" } } }, { "category": "product_name", "name": "Cisco ACE", "product": { "name": "Cisco ACE", "product_id": "T003259", "product_identification_helper": { "cpe": "cpe:/a:cisco:application_control_engine_software:-" } } }, { "category": "product_name", "name": "Cisco Prime Security Manager (PRSM)", "product": { "name": "Cisco Prime Security Manager (PRSM)", "product_id": "T002774", "product_identification_helper": { "cpe": "cpe:/a:cisco:prime_security_manager:-" } } } ], "category": "vendor", "name": "cisco" }, { "branches": [ { "category": "product_name", "name": "Citrix Systems NetScaler", "product": { "name": "Citrix Systems NetScaler", "product_id": "70427", "product_identification_helper": { "cpe": "cpe:/a:citrix:netscaler:-" } } } ], "category": "vendor", "name": "citrix" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "F5 BIG-IP Access Policy Manager 10.0.0 - 10.2.4", "product": { "name": "F5 BIG-IP Access Policy Manager 10.0.0 - 10.2.4", "product_id": "T000518", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_access_policy_manager:10.2.4" } } }, { "category": "product_name", "name": "F5 BIG-IP Access Policy Manager 11.0.0 - 11.4.1", "product": { "name": "F5 BIG-IP Access Policy Manager 11.0.0 - 11.4.1", "product_id": "T002529", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_access_policy_manager:11.4.1" } } } ], "category": "product_name", "name": "big-ip_access_policy_manager" }, { "category": "product_name", "name": "F5 BIG-IP Analytics 11.0.0 - 11.4.1", "product": { "name": "F5 BIG-IP Analytics 11.0.0 - 11.4.1", "product_id": "T002871", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_analytics:11.4.1" } } }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP Application Security Manager 10.0.0 - 10.2.4", "product": { "name": "F5 BIG-IP Application Security Manager 10.0.0 - 10.2.4", "product_id": "T000548", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_application_security_manager:10.2.4" } } }, { "category": "product_name", "name": "F5 BIG-IP Application Security Manager 11.0.0 - 11.4.1", "product": { "name": "F5 BIG-IP Application Security Manager 11.0.0 - 11.4.1", "product_id": "T002872", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_application_security_manager:11.4.1" } } } ], "category": "product_name", "name": "big-ip_application_security_manager" }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP Edge Gateway 10.1.0 - 10.2.4", "product": { "name": "F5 BIG-IP Edge Gateway 10.1.0 - 10.2.4", "product_id": "T000552", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_edge_gateway:10.2.4" } } }, { "category": "product_name", "name": "F5 BIG-IP Edge Gateway 11.0.0 - 11.3.0", "product": { "name": "F5 BIG-IP Edge Gateway 11.0.0 - 11.3.0", "product_id": "T000556", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_edge_gateway:11.3.0" } } } ], "category": "product_name", "name": "big-ip_edge_gateway" }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP Global Traffic Manager 10.0.0 - 10.2.4", "product": { "name": "F5 BIG-IP Global Traffic Manager 10.0.0 - 10.2.4", "product_id": "T000523", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_global_traffic_manager:10.2.4" } } }, { "category": "product_name", "name": "F5 BIG-IP Global Traffic Manager 11.0.0 - 11.6.0", "product": { "name": "F5 BIG-IP Global Traffic Manager 11.0.0 - 11.6.0", "product_id": "T003686", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_global_traffic_manager:11.6.0" } } } ], "category": "product_name", "name": "big-ip_global_traffic_manager" }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP Link Controller 10.0.0 - 10.2.4", "product": { "name": "F5 BIG-IP Link Controller 10.0.0 - 10.2.4", "product_id": "T000540", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_link_controller:10.2.4" } } }, { "category": "product_name", "name": "F5 BIG-IP Link Controller 11.0.0 - 11.6.0", "product": { "name": "F5 BIG-IP Link Controller 11.0.0 - 11.6.0", "product_id": "T003687", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_link_controller:11.6.0" } } } ], "category": "product_name", "name": "big-ip_link_controller" }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP Local Traffic Manager 10.0.0 - 10.2.4", "product": { "name": "F5 BIG-IP Local Traffic Manager 10.0.0 - 10.2.4", "product_id": "T000512", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_local_traffic_manager:10.2.4" } } }, { "category": "product_name", "name": "F5 BIG-IP Local Traffic Manager 11.0.0 - 11.4.1", "product": { "name": "F5 BIG-IP Local Traffic Manager 11.0.0 - 11.4.1", "product_id": "T002870", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_local_traffic_manager:11.4.1" } } } ], "category": "product_name", "name": "big-ip_local_traffic_manager" }, { "branches": [ { "category": "product_name", "name": "F5 WAN Optimization Manager 11.0.0 - 11.3.0", "product": { "name": "F5 WAN Optimization Manager 11.0.0 - 11.3.0", "product_id": "T000534", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_wan_optimization_manager:11.3.0" } } }, { "category": "product_name", "name": "F5 WAN Optimization Manager 10.0.0 - 10.2.4", "product": { "name": "F5 WAN Optimization Manager 10.0.0 - 10.2.4", "product_id": "T000535", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_wan_optimization_manager:10.2.4" } } } ], "category": "product_name", "name": "big-ip_wan_optimization_manager" }, { "branches": [ { "category": "product_name", "name": "F5 WebAccelerator 10.0.0 - 10.2.4", "product": { "name": "F5 WebAccelerator 10.0.0 - 10.2.4", "product_id": "T001411", "product_identification_helper": { "cpe": "cpe:/h:f5:big-ip_webaccelerator:10.2.4" } } }, { "category": "product_name", "name": "F5 WebAccelerator 11.0.0 - 11.3.0", "product": { "name": "F5 WebAccelerator 11.0.0 - 11.3.0", "product_id": "T001412", "product_identification_helper": { "cpe": "cpe:/h:f5:big-ip_webaccelerator:11.3.0" } } } ], "category": "product_name", "name": "big-ip_webaccelerator" }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP Protocol Security Manager 10.0.0 - 10.2.4", "product": { "name": "F5 BIG-IP Protocol Security Manager 10.0.0 - 10.2.4", "product_id": "T001410", "product_identification_helper": { "cpe": "cpe:/a:f5:protocol_security_manager:10.2.4" } } }, { "category": "product_name", "name": "F5 BIG-IP Protocol Security Manager 11.0.0 - 11.4.1", "product": { "name": "F5 BIG-IP Protocol Security Manager 11.0.0 - 11.4.1", "product_id": "T003110", "product_identification_helper": { "cpe": "cpe:/a:f5:protocol_security_manager:11.4.1" } } } ], "category": "product_name", "name": "protocol_security_manager" } ], "category": "vendor", "name": "f5" }, { "branches": [ { "category": "product_name", "name": "HP Storage Essentials", "product": { "name": "HP Storage Essentials", "product_id": "T004482", "product_identification_helper": { "cpe": "cpe:/a:hp:storage_essentials:-" } } } ], "category": "vendor", "name": "hp" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "IBM WebSphere Message Broker 7.0", "product": { "name": "IBM WebSphere Message Broker 7.0", "product_id": "186511", "product_identification_helper": { "cpe": "cpe:/a:ibm:websphere_message_broker:7.0." } } }, { "category": "product_name", "name": "IBM WebSphere Message Broker 8.0", "product": { "name": "IBM WebSphere Message Broker 8.0", "product_id": "186515", "product_identification_helper": { "cpe": "cpe:/a:ibm:websphere_message_broker:8.0" } } } ], "category": "product_name", "name": "websphere_message_broker" } ], "category": "vendor", "name": "ibm" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Microsoft Windows 8", "product": { "name": "Microsoft Windows 8", "product_id": "185377", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_8:-:-:x86" } } }, { "category": "product_name", "name": "Microsoft Windows 8 for 64-bit Systems", "product": { "name": "Microsoft Windows 8 for 64-bit Systems", "product_id": "185378", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_8:-:-:x64" } } } ], "category": "product_name", "name": "windows_8" }, { "category": "product_name", "name": "Microsoft Windows RT", "product": { "name": "Microsoft Windows RT", "product_id": "T000078", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_rt:-" } } }, { "branches": [ { "category": "product_name", "name": "Microsoft Windows Server 2003 Service Pack 2", "product": { "name": "Microsoft Windows Server 2003 Service Pack 2", "product_id": "77489", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_server_2003:-:sp2" } } }, { "category": "product_name", "name": "Microsoft Windows Server 2003 x64 Edition Service Pack 2", "product": { "name": "Microsoft Windows Server 2003 x64 Edition Service Pack 2", "product_id": "77491", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_server_2003:-:sp2:x64" } } }, { "category": "product_name", "name": "Microsoft Windows Server 2003 for Itanium-based Systems Service Pack 2", "product": { "name": "Microsoft Windows Server 2003 for Itanium-based Systems Service Pack 2", "product_id": "78341", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_server_2003:-:sp2:itanium" } } } ], "category": "product_name", "name": "windows_server_2003" }, { "branches": [ { "category": "product_name", "name": "Microsoft Windows Vista x64 Edition Service Pack 2", "product": { "name": "Microsoft Windows Vista x64 Edition Service Pack 2", "product_id": "106503", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_vista:-:sp2:x64" } } }, { "category": "product_name", "name": "Microsoft Windows Vista Service Pack 2", "product": { "name": "Microsoft Windows Vista Service Pack 2", "product_id": "106522", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_vista::sp2" } } } ], "category": "product_name", "name": "windows_vista" } ], "category": "vendor", "name": "microsoft" }, { "branches": [ { "category": "product_name", "name": "Mozilla Thunderbird ESR", "product": { "name": "Mozilla Thunderbird ESR", "product_id": "T004030", "product_identification_helper": { "cpe": "cpe:/a:mozilla:thunderbird_esr:-" } } } ], "category": "vendor", "name": "mozilla" }, { "branches": [ { "category": "product_name", "name": "RIM BlackBerry Desktop-Software", "product": { "name": "RIM BlackBerry Desktop-Software", "product_id": "T004045", "product_identification_helper": { "cpe": "cpe:/a:rim:blackberry_desktop_software:-" } } }, { "category": "product_name", "name": "RIM BlackBerry Enterprise Server 5", "product": { "name": "RIM BlackBerry Enterprise Server 5", "product_id": "T004044", "product_identification_helper": { "cpe": "cpe:/a:rim:blackberry_enterprise_server:5" } } }, { "category": "product_name", "name": "RIM BlackBerry Enterprise Service 10", "product": { "name": "RIM BlackBerry Enterprise Service 10", "product_id": "T001891", "product_identification_helper": { "cpe": "cpe:/a:rim:blackberry_enterprise_service:10" } } } ], "category": "vendor", "name": "rim" } ] }, "vulnerabilities": [ { "cve": "CVE-2014-3566", "notes": [ { "category": "description", "text": "Im Protokoll-Design von SSL 3.0 besteht eine Schwachstelle in Verbindung mit dem Cipher-Block-Chaining (CBC) Modus. Die Schwachstelle beruht auf dem nicht-deterministischen Paddingverfahren, welches nicht durch den Message Authentication Code (MAC) abgesichert ist. Zur Ausnutzung dieser Schwachstelle muss sich der Angreifer per Man-in-the-Middle Angriff in eine HTTPS-Verbindung eines Opfers zum Server einklinken und im Kontext des Opfers mit dem Server kommunizieren. In der Folge kann ein Angreifer durch ein Protokoll Downgrade auf SSL 3.0 die entsprechende SSL-Session entschl\u00fcsseln, um somit vertrauliche Informationen, wie z. B. cookie-basierte Authentifizierungen, zu erhalten. TLS 1.0, TLS 1.1, TLS 1.2 und Cipher Suites, die kein CBC Mode verwenden, sind nicht von dieser Schwachstelle betroffen." } ], "product_status": { "known_affected": [ "T004033", "186515", "T003343", "106566", "T002774", "106564", "T015844", "186511", "T001605", "T000512", "T002139", "T002138", "T002137", "5930", "T000078", "T001045", "70427", "T004030", "T004031", "9619", "T004032", "T005120", "T004028", "T004029", "253293", "T005119", "T002529", "T001830", "T003291", "199316", "T004020", "160428", "T002673", "T004059", "4871", "77491", "78341", "1359", "144574", "T000535", "T000534", "142951", "T002140", "T004044", "T003110", "T004045", "7356", "185379", "185378", "185377", "T000518", "77489", "T000523", "T001572", "T004042", "1889", "T004043", "T009408", "106522", "T004914", "T003827", "T000556", "T000310", "T000552", "T003260", "160711", "160432", "T003259", "T000548", "T002207", "T026434", "T000540", "T004060", "T004061", "T004062", "T026432", "7660", "T003287", "T002870", "T003288", "T002871", "67646", "T002872", "T003686", "T003687", "T004019", "T004932", "699", "5119", "T000173", "T004089", "5094", "T001412", "T001411", "T001410", "106503", "1727", "T001891", "T001373", "T004482" ] }, "release_date": "2014-10-14T22:00:00Z", "title": "CVE-2014-3566" } ] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.