WID-SEC-W-2023-1996
Vulnerability from csaf_certbund - Published: 2016-12-19 23:00 - Updated: 2026-01-12 23:00Summary
OpenSSH: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: OpenSSH ist eine Open Source Implementierung des Secure Shell Protokolls.
Angriff: Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in OpenSSH ausnutzen, um beliebigen Programmcode mit den Rechten des Dienstes auszuführen, seine Privilegien zu erweitern oder einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme: - Linux
- UNIX
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source OpenSSH <7.4
Open Source / OpenSSH
|
<7.4 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
IBM Security Verify Access <11.0.2
IBM / Security Verify Access
|
<11.0.2 | ||
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
IBM AIX
IBM
|
cpe:/o:ibm:aix:-
|
— | |
|
Moxa Switch <5.0.4
Moxa / Switch
|
<5.0.4 | ||
|
Moxa Switch <4.1.58
Moxa / Switch
|
<4.1.58 | ||
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Security Verify Access <10.0.9.1
IBM / Security Verify Access
|
<10.0.9.1 | ||
|
IBM VIOS
IBM
|
cpe:/a:ibm:vios:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Moxa Switch <5.0.4
Moxa / Switch
|
<5.0.4 | ||
|
Open Source OpenSSH <7.4
Open Source / OpenSSH
|
<7.4 | ||
|
Moxa Switch <4.1.58
Moxa / Switch
|
<4.1.58 | ||
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Verify Access <11.0.2
IBM / Security Verify Access
|
<11.0.2 | ||
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Security Verify Access <10.0.9.1
IBM / Security Verify Access
|
<10.0.9.1 |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Moxa Switch <5.0.4
Moxa / Switch
|
<5.0.4 | ||
|
Open Source OpenSSH <7.4
Open Source / OpenSSH
|
<7.4 | ||
|
Moxa Switch <4.1.58
Moxa / Switch
|
<4.1.58 | ||
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Verify Access <11.0.2
IBM / Security Verify Access
|
<11.0.2 | ||
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Security Verify Access <10.0.9.1
IBM / Security Verify Access
|
<10.0.9.1 |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Moxa Switch <5.0.4
Moxa / Switch
|
<5.0.4 | ||
|
Open Source OpenSSH <7.4
Open Source / OpenSSH
|
<7.4 | ||
|
Moxa Switch <4.1.58
Moxa / Switch
|
<4.1.58 | ||
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Verify Access <11.0.2
IBM / Security Verify Access
|
<11.0.2 | ||
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Security Verify Access <10.0.9.1
IBM / Security Verify Access
|
<10.0.9.1 |
Vulnerability 5
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source OpenSSH <7.4
Open Source / OpenSSH
|
<7.4 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
IBM Security Verify Access <11.0.2
IBM / Security Verify Access
|
<11.0.2 | ||
|
NetApp Data ONTAP
NetApp
|
cpe:/a:netapp:data_ontap:-
|
— | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
IBM AIX
IBM
|
cpe:/o:ibm:aix:-
|
— | |
|
Palo Alto Networks PAN-OS
Palo Alto Networks
|
cpe:/o:paloaltonetworks:pan-os:-
|
— | |
|
Moxa Switch <5.0.4
Moxa / Switch
|
<5.0.4 | ||
|
Moxa Switch <4.1.58
Moxa / Switch
|
<4.1.58 | ||
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Security Verify Access <10.0.9.1
IBM / Security Verify Access
|
<10.0.9.1 | ||
|
IBM VIOS
IBM
|
cpe:/a:ibm:vios:-
|
— |
Vulnerability 6
Affected products
Known affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Moxa Switch <5.0.4
Moxa / Switch
|
<5.0.4 | ||
|
Open Source OpenSSH <7.4
Open Source / OpenSSH
|
<7.4 | ||
|
Moxa Switch <4.1.58
Moxa / Switch
|
<4.1.58 | ||
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Verify Access <11.0.2
IBM / Security Verify Access
|
<11.0.2 | ||
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Security Verify Access <10.0.9.1
IBM / Security Verify Access
|
<10.0.9.1 |
References
29 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "OpenSSH ist eine Open Source Implementierung des Secure Shell Protokolls.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in OpenSSH ausnutzen, um beliebigen Programmcode mit den Rechten des Dienstes auszuf\u00fchren, seine Privilegien zu erweitern oder einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1996 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2016/wid-sec-w-2023-1996.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1996 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1996"
},
{
"category": "external",
"summary": "OpenSSH 7.4 Release vom 2016-12-19",
"url": "http://www.openssh.com/txt/release-7.4"
},
{
"category": "external",
"summary": "SecurityTracker Alert ID 1037490 vom 2016-12-19",
"url": "http://www.securitytracker.com/id/1037490"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory: FreeBSD-SA-17:01.openssh.asc",
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:01.openssh.asc"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:0264-1 vom 2017-01-24",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170264-1.html"
},
{
"category": "external",
"summary": "F5 Security Advisory K64292204 vom 2017-01-24",
"url": "https://support.f5.com/csp/article/K64292204"
},
{
"category": "external",
"summary": "F5 Security Advisory K31440025 vom 2017-01-24",
"url": "https://support.f5.com/csp/article/K31440025"
},
{
"category": "external",
"summary": "F5 Security Advisory K62201745 vom 2017-01-27",
"url": "https://support.f5.com/csp/article/K62201745"
},
{
"category": "external",
"summary": "IBM Security Advisory openssh_advisory10.asc",
"url": "http://aix.software.ibm.com/aix/efixes/security/openssh_advisory10.asc"
},
{
"category": "external",
"summary": "The FreeBSD Project Security Advisory: FreeBSD-SA-17:01.openssh",
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:01.openssh.asc"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:0603-1 vom 2017-03-03",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170603-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:0607-1 vom 2017-03-06",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170607-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:0606-1 vom 2017-03-06",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170606-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:1661-1 vom 2017-06-24",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20171661-1.html"
},
{
"category": "external",
"summary": "RedHat Security Advisory: RHSA-2017:2029",
"url": "https://access.redhat.com/errata/RHSA-2017:2029"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3538-1 vom 2018-01-22",
"url": "http://www.ubuntu.com/usn/usn-3538-1/"
},
{
"category": "external",
"summary": "McAfee Security Bulletin: SB10239",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10239"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2275-1 vom 2018-08-10",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182275-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2685-1 vom 2018-09-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182685-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2719-1 vom 2018-09-15",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182719-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3540-1 vom 2018-10-29",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183540-1.html"
},
{
"category": "external",
"summary": "Palo Alto Networks Security Advisory PAN-SA-2020-0005 vom 2020-05-13",
"url": "https://security.paloaltonetworks.com/PAN-SA-2020-0005"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA11169 vom 2021-04-16",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11169"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-2176 vom 2023-08-09",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2176.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-1802 vom 2023-08-23",
"url": "https://alas.aws.amazon.com/ALAS-2023-1802.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-198 vom 2024-05-08",
"url": "https://www.dell.com/support/kbdoc/000224827/dsa-2024-="
},
{
"category": "external",
"summary": "Moxa Security Advisory MPSA-256261 vom 2026-01-09",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-256261-cve-2023-38408-openssh-vulnerability-in-ethernet-switches"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7256856 vom 2026-01-13",
"url": "https://www.ibm.com/support/pages/node/7256856"
}
],
"source_lang": "en-US",
"title": "OpenSSH: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-01-12T23:00:00.000+00:00",
"generator": {
"date": "2026-01-13T09:05:55.124+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2023-1996",
"initial_release_date": "2016-12-19T23:00:00.000+00:00",
"revision_history": [
{
"date": "2016-12-19T23:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2016-12-19T23:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-12-19T23:00:00.000+00:00",
"number": "3",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-01-10T23:00:00.000+00:00",
"number": "4",
"summary": "New remediations available"
},
{
"date": "2017-01-23T23:00:00.000+00:00",
"number": "5",
"summary": "New remediations available"
},
{
"date": "2017-01-23T23:00:00.000+00:00",
"number": "6",
"summary": "New remediations available"
},
{
"date": "2017-01-23T23:00:00.000+00:00",
"number": "7",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-01-29T23:00:00.000+00:00",
"number": "8",
"summary": "New remediations available"
},
{
"date": "2017-02-20T23:00:00.000+00:00",
"number": "9",
"summary": "New remediations available"
},
{
"date": "2017-02-20T23:00:00.000+00:00",
"number": "10",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-02-20T23:00:00.000+00:00",
"number": "11",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-02-22T23:00:00.000+00:00",
"number": "12",
"summary": "New remediations available"
},
{
"date": "2017-03-05T23:00:00.000+00:00",
"number": "13",
"summary": "New remediations available"
},
{
"date": "2017-03-06T23:00:00.000+00:00",
"number": "14",
"summary": "New remediations available"
},
{
"date": "2017-03-06T23:00:00.000+00:00",
"number": "15",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-06-26T22:00:00.000+00:00",
"number": "16",
"summary": "New remediations available"
},
{
"date": "2017-08-01T22:00:00.000+00:00",
"number": "17",
"summary": "New remediations available"
},
{
"date": "2017-08-07T22:00:00.000+00:00",
"number": "18",
"summary": "Added references"
},
{
"date": "2018-06-13T22:00:00.000+00:00",
"number": "19",
"summary": "New remediations available"
},
{
"date": "2018-08-09T22:00:00.000+00:00",
"number": "20",
"summary": "New remediations available"
},
{
"date": "2018-08-09T22:00:00.000+00:00",
"number": "21",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-08-09T22:00:00.000+00:00",
"number": "22",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-08-23T22:00:00.000+00:00",
"number": "23",
"summary": "Added references"
},
{
"date": "2018-09-11T22:00:00.000+00:00",
"number": "24",
"summary": "Produkte erg\u00e4nzt"
},
{
"date": "2018-09-11T22:00:00.000+00:00",
"number": "25",
"summary": "New remediations available"
},
{
"date": "2018-09-16T22:00:00.000+00:00",
"number": "26",
"summary": "New remediations available"
},
{
"date": "2018-10-29T23:00:00.000+00:00",
"number": "27",
"summary": "New remediations available"
},
{
"date": "2020-05-13T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Palo Alto Networks aufgenommen"
},
{
"date": "2021-04-15T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Juniper aufgenommen"
},
{
"date": "2023-08-08T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-08-23T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-05-07T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2026-01-08T23:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von moxa aufgenommen"
},
{
"date": "2026-01-12T23:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "34"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "virtual",
"product": {
"name": "Dell NetWorker virtual",
"product_id": "T034583",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:virtual"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "EMC Avamar",
"product": {
"name": "EMC Avamar",
"product_id": "T014381",
"product_identification_helper": {
"cpe": "cpe:/a:emc:avamar:-"
}
}
}
],
"category": "vendor",
"name": "EMC"
},
{
"branches": [
{
"category": "product_name",
"name": "FreeBSD Project FreeBSD OS",
"product": {
"name": "FreeBSD Project FreeBSD OS",
"product_id": "4035",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:-"
}
}
}
],
"category": "vendor",
"name": "FreeBSD Project"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM AIX",
"product": {
"name": "IBM AIX",
"product_id": "5094",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.9.1",
"product": {
"name": "IBM Security Verify Access \u003c10.0.9.1",
"product_id": "T049459"
}
},
{
"category": "product_version",
"name": "10.0.9.1",
"product": {
"name": "IBM Security Verify Access 10.0.9.1",
"product_id": "T049459-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_verify_access:v10.0.9.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.0.2",
"product": {
"name": "IBM Security Verify Access \u003c11.0.2",
"product_id": "T049460"
}
},
{
"category": "product_version",
"name": "11.0.2",
"product": {
"name": "IBM Security Verify Access 11.0.2",
"product_id": "T049460-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_verify_access:11.0.2"
}
}
}
],
"category": "product_name",
"name": "Security Verify Access"
},
{
"category": "product_name",
"name": "IBM VIOS",
"product": {
"name": "IBM VIOS",
"product_id": "T004571",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:vios:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Juniper JUNOS",
"product": {
"name": "Juniper JUNOS",
"product_id": "5930",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:-"
}
}
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.1.58",
"product": {
"name": "Moxa Switch \u003c4.1.58",
"product_id": "T049803"
}
},
{
"category": "product_version",
"name": "4.1.58",
"product": {
"name": "Moxa Switch 4.1.58",
"product_id": "T049803-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:moxa:switch:4.1.58"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.0.4",
"product": {
"name": "Moxa Switch \u003c5.0.4",
"product_id": "T049804"
}
},
{
"category": "product_version",
"name": "5.0.4",
"product": {
"name": "Moxa Switch 5.0.4",
"product_id": "T049804-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:moxa:switch:5.0.4"
}
}
}
],
"category": "product_name",
"name": "Switch"
}
],
"category": "vendor",
"name": "Moxa"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp Data ONTAP",
"product": {
"name": "NetApp Data ONTAP",
"product_id": "7654",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:data_ontap:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.4",
"product": {
"name": "Open Source OpenSSH \u003c7.4",
"product_id": "8223"
}
},
{
"category": "product_version",
"name": "7.4",
"product": {
"name": "Open Source OpenSSH 7.4",
"product_id": "8223-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openbsd:openssh:-"
}
}
}
],
"category": "product_name",
"name": "OpenSSH"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Palo Alto Networks PAN-OS",
"product": {
"name": "Palo Alto Networks PAN-OS",
"product_id": "T012790",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:-"
}
}
}
],
"category": "vendor",
"name": "Palo Alto Networks"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10009",
"product_status": {
"known_affected": [
"8223",
"67646",
"4035",
"T049460",
"T034583",
"5094",
"T049804",
"T049803",
"T014381",
"T002207",
"T000126",
"398363",
"T049459",
"T004571"
]
},
"release_date": "2016-12-19T23:00:00.000+00:00",
"title": "CVE-2016-10009"
},
{
"cve": "CVE-2016-10010",
"product_status": {
"known_affected": [
"T049804",
"8223",
"T049803",
"T014381",
"T002207",
"4035",
"T000126",
"T049460",
"T034583",
"398363",
"T049459"
]
},
"release_date": "2016-12-19T23:00:00.000+00:00",
"title": "CVE-2016-10010"
},
{
"cve": "CVE-2016-10011",
"product_status": {
"known_affected": [
"T049804",
"8223",
"T049803",
"T014381",
"T002207",
"67646",
"T000126",
"T049460",
"T034583",
"398363",
"T049459"
]
},
"release_date": "2016-12-19T23:00:00.000+00:00",
"title": "CVE-2016-10011"
},
{
"cve": "CVE-2016-10012",
"product_status": {
"known_affected": [
"T049804",
"8223",
"T049803",
"T014381",
"T002207",
"67646",
"T000126",
"T049460",
"T034583",
"398363",
"T049459"
]
},
"release_date": "2016-12-19T23:00:00.000+00:00",
"title": "CVE-2016-10012"
},
{
"product_status": {
"known_affected": [
"8223",
"67646",
"4035",
"T049460",
"7654",
"T034583",
"5094",
"T012790",
"T049804",
"T049803",
"T014381",
"T002207",
"T000126",
"5930",
"398363",
"T049459",
"T004571"
]
},
"release_date": "2016-12-20T23:00:00.000+00:00"
},
{
"product_status": {
"known_affected": [
"T049804",
"8223",
"T049803",
"T014381",
"T002207",
"T000126",
"T049460",
"T034583",
"398363",
"T049459"
]
},
"release_date": "2016-12-20T23:00:00.000+00:00"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…