Vulnerabilites related to ibm - security_access_manager_for_web_8.0_firmware
Vulnerability from fkie_nvd
Published
2016-02-15 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
IBM Security Access Manager for Web 7.0 before 7.0.0 IF21, 8.0 before 8.0.1.3 IF4, and 9.0 before 9.0.0.1 IF1 does not have a lockout mechanism for invalid login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5B6BD9-C0DF-4359-A6C1-F66E24912800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22433CE0-9772-48CE-8069-612FF3732C21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2569AA28-5C61-4BBD-A501-E1ACFA36837B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB188A2-D7CE-4141-A55A-C074C84E366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4E5283-0FEE-4F37-9C41-FA695063FF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "73EB6121-62CD-49FC-A1D2-5467B007253C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A91ADDFE-9362-4D7E-B623-D662D81382E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C8E0F31E-EB32-4442-91BE-95A9625F308F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "701D729E-A817-4525-ADD9-EC810326B9E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E5883F2E-83F4-4630-813B-21E533BA2CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FB9953-91A1-47BB-B6BF-088FA75BEBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7B0192-465A-48EF-8B51-FC6BC6EC464A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3E40F5AD-E090-4D0B-A580-D794F60215DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5BD4D1-DD9B-4845-AF17-9B813C748D1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "7E463425-45EA-4A7B-B034-694DBB944A51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "3135C99C-2BFD-42B5-8AF0-EC8420C91B3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "CCED596D-1737-4DB2-9A24-C0864A6727ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "F0F6AC6B-9B8C-4026-BD61-5EA5F8ABEE51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0D27CF-70BF-4C72-A963-310272D8EBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D331E67E-25D3-4C34-8118-49E2A8B29D96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73E4F0CD-26DF-4975-8F40-ECB8E03A08C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE6F2A0-BD38-4853-A8FB-299A341FA0B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D0122CE6-44D9-4A5F-8DD4-B1F7F229FDFB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web 7.0 before 7.0.0 IF21, 8.0 before 8.0.1.3 IF4, and 9.0 before 9.0.0.1 IF1 does not have a lockout mechanism for invalid login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack."
},
{
"lang": "es",
"value": "IBM Security Access Manager for Web 7.0 en versiones anteriores a 7.0.0 IF21, 8.0 en versiones anteriores a 8.0.1.3 IF4 y 9.0 en versiones anteriores a 9.0.0.1 IF1 no tiene un mecanismo de bloqueo para intentos de inicio de sesi\u00f3n no v\u00e1lidos, lo que facilita a atacantes remotos obtener acceso a trav\u00e9s de un ataque de fuerza bruta."
}
],
"id": "CVE-2015-5010",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-02-15T02:59:05.637",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV80694"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV80728"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV80694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV80728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970508"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-254"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-01 20:59
Modified
2025-04-20 01:37
Severity ?
Summary
IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg21995446 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/95107 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg21995446 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95107 | Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A5ACB34-BC23-4175-9F6A-91FB6762A040",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7844D23-8DAB-4A9A-B0D4-734DF8FBFE02",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35BD8955-4735-4FDC-906A-B404C4E36417",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6921A2CC-67D0-41B5-908B-F002C14AFD70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B95177-2AA3-45D4-895D-56CA35B32813",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques."
},
{
"lang": "es",
"value": "IBM Security Access Manager para Web podr\u00eda permitir a un atacante remoto obtener informaci\u00f3n sensible, causada por el error de habilitar correctamente HTTP Strict Transport Security. Un atacante podr\u00eda explotar esta vulnerabilidad para obtener informaci\u00f3n sensible utilizando t\u00e9cnicas man-in-the-middle."
}
],
"id": "CVE-2016-3043",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-01T20:59:00.770",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995446"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95107"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995446"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95107"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-02 05:59
Modified
2025-04-12 10:46
Severity ?
Summary
IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Access Manager 9.0 before 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface (LMI) access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5B6BD9-C0DF-4359-A6C1-F66E24912800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22433CE0-9772-48CE-8069-612FF3732C21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2569AA28-5C61-4BBD-A501-E1ACFA36837B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB188A2-D7CE-4141-A55A-C074C84E366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4E5283-0FEE-4F37-9C41-FA695063FF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "73EB6121-62CD-49FC-A1D2-5467B007253C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A91ADDFE-9362-4D7E-B623-D662D81382E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C8E0F31E-EB32-4442-91BE-95A9625F308F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "701D729E-A817-4525-ADD9-EC810326B9E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E5883F2E-83F4-4630-813B-21E533BA2CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FB9953-91A1-47BB-B6BF-088FA75BEBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7B0192-465A-48EF-8B51-FC6BC6EC464A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3E40F5AD-E090-4D0B-A580-D794F60215DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5BD4D1-DD9B-4845-AF17-9B813C748D1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0D27CF-70BF-4C72-A963-310272D8EBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D331E67E-25D3-4C34-8118-49E2A8B29D96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73E4F0CD-26DF-4975-8F40-ECB8E03A08C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE6F2A0-BD38-4853-A8FB-299A341FA0B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D0122CE6-44D9-4A5F-8DD4-B1F7F229FDFB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Access Manager 9.0 before 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface (LMI) access."
},
{
"lang": "es",
"value": "IBM Security Access Manager for Web 7.0.0 en versiones anteriores a FP19 y 8.0 en versiones anteriores a 8.0.1.3 IF3 y Security Access Manager 9.0 en versiones anteriores a 9.0.0.0 IF1, permite a usuarios remotos autenticados ejecutar comandos del SO arbitrarios aprovechando el acceso Local Management Interface (LMI)."
}
],
"id": "CVE-2015-5018",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.3,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-02T05:59:03.800",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78768"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78780"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970510"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id/1034560"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78768"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970510"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034560"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-09-25 01:55
Modified
2025-04-12 10:46
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
References
Impacted products
{
"cisaActionDue": "2022-07-28",
"cisaExploitAdd": "2022-01-28",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:bash:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4DBE402-1B0A-4854-ABE5-891321454C25",
"versionEndIncluding": "4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCA5A28D-79B6-4F3E-9C98-65D4DFAD8EE7",
"versionEndExcluding": "4.9.12",
"versionStartIncluding": "4.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1DC7EF-C994-4252-9DFE-DCA63FB17AE0",
"versionEndExcluding": "4.10.9",
"versionStartIncluding": "4.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9056776F-03F6-4C3D-8635-37D66FD16EAA",
"versionEndExcluding": "4.11.11",
"versionStartIncluding": "4.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFEE6963-F73F-4B71-B4F8-6E550FBDA5F6",
"versionEndExcluding": "4.12.9",
"versionStartIncluding": "4.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8296875A-64FA-4592-848A-A923126BD8AF",
"versionEndExcluding": "4.13.9",
"versionStartIncluding": "4.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "816A16AF-1F5E-483A-AA89-3022818FAE43",
"versionEndExcluding": "4.14.4f",
"versionStartIncluding": "4.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:linux:4:*:*:*:*:*:*:*",
"matchCriteriaId": "F8421899-5D10-4C2B-88AA-3DA909FE3E67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*",
"matchCriteriaId": "62A2AC02-A933-4E51-810E-5D040B476B7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
"matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8B7F1F-22F6-4B10-A6E5-DE44B1D2E649",
"versionEndExcluding": "4.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:4.1.1:-:*:*:*:*:*:*",
"matchCriteriaId": "F407EA72-BA1A-41A2-B699-874304A638A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:4.1.1:build_0927:*:*:*:*:*:*",
"matchCriteriaId": "DDA25903-B334-438B-8196-B9E5119199D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76F1E356-E019-47E8-AA5F-702DA93CF74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F805A106-9A6F-48E7-8582-D3C5A26DFC11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC489F35-07F1-4C3E-80B9-78F0689BC54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:virtualization:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "95CE35FC-266F-4025-A0B8-FB853C020800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6172AF57-B26D-45F8-BE3A-F75ABDF28F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6252E88C-27FF-420D-A64A-C34124CF7E6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8A8E07B7-3739-4BEB-88F8-C7F62431E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.9_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5537E1-1E8E-49C5-B4CB-A8E2EE3F5088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.4_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "804DFF9F-BAA8-4239-835B-6182471A224F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.5_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE496C0-35F7-44DC-B3F0-71EA3A613C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.3_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "71179893-49F2-433C-A7AC-687075F9CC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.4_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4C43D8-02A5-4385-A89E-F265FEEC9E9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.5_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "37ECC029-3D84-4DD7-B28B-E5AD5559CF94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.6_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CBED2A-B6B0-420E-BC40-160930D8662E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.7_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "652F7BB0-A6EA-45D0-86D4-49F4CA6C3EE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0_ppc:*:*:*:*:*:*:*",
"matchCriteriaId": "29BBF1AC-F31F-4251-8054-0D89A8E6E990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.9_ppc:*:*:*:*:*:*:*",
"matchCriteriaId": "C52A4A2F-6385-4E5F-B2C7-0EF7267546F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "6D8D654F-2442-4EA0-AF89-6AC2CD214772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.4_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "D8ED0658-5F8F-48F0-A605-A2205DA27DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "8BCF87FD-9358-42A5-9917-25DF0180A5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.5_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "C385DA76-4863-4D39-84D2-9D185D322365",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "188019BF-3700-4B3F-BFA5-553B2B545B7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "9B8B2E32-B838-4E51-BAA2-764089D2A684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "4319B943-7B19-468D-A160-5895F7F997A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "634C23AC-AC9C-43F4-BED8-1C720816D5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37CE1DC7-72C5-483C-8921-0B462C8284D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BB6ADFB8-210D-4E46-82A2-1C8705928382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "92C9F1C4-55B0-426D-BB5E-01372C23AF97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6D0378-F0F4-4AAA-80AF-8287C790EC96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8821E5FE-319D-40AB-A515-D56C1893E6F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AE981D4-0CA1-46FA-8E91-E1A4D5B31383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F732C7C9-A9CC-4DEF-A8BE-D0F18C944C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "74BCA435-7594-49E8-9BAE-9E02E129B6C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*",
"matchCriteriaId": "CED02712-1031-4206-AC4D-E68710F46EC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*",
"matchCriteriaId": "35BBD83D-BDC7-4678-BE94-639F59281139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:-:*:*",
"matchCriteriaId": "7F4AF9EC-7C74-40C3-A1BA-82B80C4A7EE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
"matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"matchCriteriaId": "15FC9014-BD85-4382-9D04-C0703E901D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
"matchCriteriaId": "1831D45A-EE6E-4220-8F8C-248B69520948",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "94C9C346-6DEC-4C72-9F59-BB3BEC42B551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2071DABB-7102-47F2-A15F-A6C03607D01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A8661E86-E075-427F-8E05-7A33811A3A76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEFCC35D-1C83-4CA5-8B1D-9A637613AD7E",
"versionEndIncluding": "1.0.0.4",
"versionStartIncluding": "1.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "054736AF-96E0-491D-B824-CC4A35B76E14",
"versionEndIncluding": "1.1.0.4",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:pureapplication_system:2.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "575894EE-F13C-4D56-8B63-59A379F63BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_risk_manager:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E476AEB-AD38-4033-8426-DC502497D75A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C062C89-5DC2-46EE-A9D3-23E7539A5DAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "20981443-6A64-4852-B2CB-3299927C6F78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "59761BB8-FCC7-4D15-88A8-82076CCF196F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:-:*:*:*:*:*:*",
"matchCriteriaId": "CF399B2E-8413-4B80-A0C0-E61E8A0A8604",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "230EBA53-66AF-432B-B4C1-08D8FC903B2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p2:*:*:*:*:*:*",
"matchCriteriaId": "789F398A-5CB2-48F8-AF8F-05BF0A8E04B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p3:*:*:*:*:*:*",
"matchCriteriaId": "EF102659-B067-473E-AA37-EA90A82D1864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:-:*:*:*:*:*:*",
"matchCriteriaId": "81DF915D-D764-4C21-B213-0ADFD844E9DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "C29A4119-A992-4713-85D6-4FDED7CD416A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p10:*:*:*:*:*:*",
"matchCriteriaId": "4CA59C9D-74C2-4AFC-B1D1-1BC305FD493B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p11:*:*:*:*:*:*",
"matchCriteriaId": "5720A37E-1DB5-45BA-9FDE-0EAEFE1F2257",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p12:*:*:*:*:*:*",
"matchCriteriaId": "F03006B7-037B-491F-A09F-DEB2FF076754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p13:*:*:*:*:*:*",
"matchCriteriaId": "FE78AED4-AD60-406C-82E0-BA52701B49BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "3D0B71F0-CCED-4E23-989A-3E9E2D71307C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p3:*:*:*:*:*:*",
"matchCriteriaId": "5CF8FC22-C556-451C-B928-F5AF8DF4BF45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p4:*:*:*:*:*:*",
"matchCriteriaId": "081D3B14-45F6-4F96-944B-94D967FEFA26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p5:*:*:*:*:*:*",
"matchCriteriaId": "DE2C36B5-43F8-401B-B420-1FA5F13A4D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p6:*:*:*:*:*:*",
"matchCriteriaId": "D922DC5A-63F6-4188-BCDE-BB987402E47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p7:*:*:*:*:*:*",
"matchCriteriaId": "BFD5737C-AAE8-4C8D-BCFE-FFDF5DA4221C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p8:*:*:*:*:*:*",
"matchCriteriaId": "C2BCC22C-A32B-4945-AFBC-777DBE248FB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p9:*:*:*:*:*:*",
"matchCriteriaId": "92F92890-63B0-4918-A147-8852B6E2FA8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8016ECD3-4417-47A8-9493-C9F9EDF5FAA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "ED0B143A-5386-4375-AEB2-48619B2B1EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "E7ECA734-9E95-484F-B880-2491A0E2531B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "5D7CD9E9-033C-44B8-A68C-47AC260873E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "07B660DC-A94F-48F0-A2F4-1C39CC4751A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:-:*:*:*:*:*:*",
"matchCriteriaId": "44D355AE-A8C0-4D7B-87FE-5D4138B6BB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "329C8551-98D1-4255-B598-9E75A071C186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p2:*:*:*:*:*:*",
"matchCriteriaId": "FD0687B7-F374-4368-AD9E-041123B23A6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p3:*:*:*:*:*:*",
"matchCriteriaId": "D0330E77-454E-4E77-9628-50681B748491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:-:*:*:*:*:*:*",
"matchCriteriaId": "3863726E-15AD-4A47-85CB-0C9965E76EF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "5C07D9DC-E6C1-4FB0-86F1-144FD51B08CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "3105129C-8FE8-4BF0-8CB9-A7F3F7FE1107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p3:*:*:*:*:*:*",
"matchCriteriaId": "D1F35447-889F-4CE9-9473-87046B4707EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p4:*:*:*:*:*:*",
"matchCriteriaId": "A3A5DFC0-BBD7-430C-A026-E1F34E08894D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:-:*:*:*:*:*:*",
"matchCriteriaId": "141E8F6A-3998-4F22-A717-3F52BC998F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p1:*:*:*:*:*:*",
"matchCriteriaId": "F09AA197-BB55-4CF0-AC29-4449C07DE510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p2:*:*:*:*:*:*",
"matchCriteriaId": "3E468E33-B183-4830-97E2-EAF9FD3758E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p3:*:*:*:*:*:*",
"matchCriteriaId": "738C8F2B-3D3E-4E1F-977A-05D3A39F115D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p4:*:*:*:*:*:*",
"matchCriteriaId": "1ED03E83-909B-423F-81F2-34AB7F24BBE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:-:*:*:*:*:*:*",
"matchCriteriaId": "9778E8AA-A034-4B04-A42E-6A182378C7DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "AEE15598-4064-4E31-86BA-7851AA4B76C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p2:*:*:*:*:*:*",
"matchCriteriaId": "59FE3789-FB47-4939-B9AA-86D203445526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p3:*:*:*:*:*:*",
"matchCriteriaId": "2F96389A-82B9-42DE-8E93-D2B2EE610F7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p4:*:*:*:*:*:*",
"matchCriteriaId": "3131CDA5-1C4D-489C-8788-FA396F8ADB2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p5:*:*:*:*:*:*",
"matchCriteriaId": "DCC7DF3E-658C-41D7-A4AC-433440A02092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p6:*:*:*:*:*:*",
"matchCriteriaId": "EEBB12B8-4EF6-42B9-9D28-A9CA129B0FBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:-:*:*:*:*:*:*",
"matchCriteriaId": "279C30FB-EA1C-4D1D-A37E-F1EEF79F19F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p1:*:*:*:*:*:*",
"matchCriteriaId": "D6870C1E-E4A4-4666-89DB-D72C8100D27E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p2:*:*:*:*:*:*",
"matchCriteriaId": "BE183CA0-FFBB-4746-8BBE-5D1910DD2100",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p3:*:*:*:*:*:*",
"matchCriteriaId": "D04B5EBF-C94C-4A44-9A7E-75623CAF832C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p4:*:*:*:*:*:*",
"matchCriteriaId": "5723FDF4-198B-488E-B075-F528EC6E4D18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p5:*:*:*:*:*:*",
"matchCriteriaId": "7E23A972-5BCA-4C7E-B6F9-AD54992861A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p6:*:*:*:*:*:*",
"matchCriteriaId": "1D00AFC9-8A9C-4BB1-9E60-BC6D552DC8E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:-:*:*:*:*:*:*",
"matchCriteriaId": "BFE4D0FF-6445-4E14-9536-ADB32662B346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p1:*:*:*:*:*:*",
"matchCriteriaId": "C7FC4FDA-1C8D-4D7A-B5EA-D905FA830805",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p2:*:*:*:*:*:*",
"matchCriteriaId": "753AA0F3-09F4-4E34-8E72-FAFD8BFE18EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p3:*:*:*:*:*:*",
"matchCriteriaId": "9AC763FD-C143-4CA3-9A24-D50C9ED243D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p4:*:*:*:*:*:*",
"matchCriteriaId": "299C6CBE-905F-4E59-AF2F-89A1CD767916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p5:*:*:*:*:*:*",
"matchCriteriaId": "78538461-1B7E-4712-AA8D-D2EA3477635B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p6:*:*:*:*:*:*",
"matchCriteriaId": "E3FF46F1-EF19-49D7-9EDD-44441C1A3F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p7:*:*:*:*:*:*",
"matchCriteriaId": "D9F91FB6-7D8F-4D89-B6BA-2C6DF15B9A51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:-:*:*:*:*:*:*",
"matchCriteriaId": "5725106C-A650-4C24-9636-1200BD44CCA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p1:*:*:*:*:*:*",
"matchCriteriaId": "F1501425-96F7-487B-9588-FDA2DAC3790A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p2:*:*:*:*:*:*",
"matchCriteriaId": "48D95998-9434-4AFF-9983-0D7AC34176A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p3:*:*:*:*:*:*",
"matchCriteriaId": "D60BB309-860D-4D74-B08F-F94AFE84C881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p4:*:*:*:*:*:*",
"matchCriteriaId": "F63E864E-6323-41B4-956F-51F9364DFAE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:-:*:*:*:*:*:*",
"matchCriteriaId": "EC724282-7431-465E-8E60-4037121B8838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p1:*:*:*:*:*:*",
"matchCriteriaId": "73151221-C102-4425-9316-1EE4CAAB6531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p10:*:*:*:*:*:*",
"matchCriteriaId": "D1E9DDCD-6D22-4175-94EF-D8A5457E7355",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p11:*:*:*:*:*:*",
"matchCriteriaId": "35AB906F-43CD-4D54-8274-1FD551532E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p12:*:*:*:*:*:*",
"matchCriteriaId": "1ADC75F0-B27E-4B15-B829-482FBA0063A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p13:*:*:*:*:*:*",
"matchCriteriaId": "D015D670-8AEA-49A3-8D22-9E3009322EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p14:*:*:*:*:*:*",
"matchCriteriaId": "C18F3CC3-9BCF-4DE8-B7CA-59587D5E61F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p15:*:*:*:*:*:*",
"matchCriteriaId": "E543BC0F-ADFB-4CF2-BC6C-90DC76BE3A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p16:*:*:*:*:*:*",
"matchCriteriaId": "28CE650B-BE03-4EDF-BE27-2FA6657F7A52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p2:*:*:*:*:*:*",
"matchCriteriaId": "2356A4E6-561B-40CA-8348-B30D581B1E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p3:*:*:*:*:*:*",
"matchCriteriaId": "74509F3F-840E-48B8-88B1-EA4FFB90ACC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p4:*:*:*:*:*:*",
"matchCriteriaId": "BE7BD528-628F-4CA9-9FE8-8A79BDC97680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p5:*:*:*:*:*:*",
"matchCriteriaId": "26118C2B-78CC-4038-9DEA-7A9417029790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p6:*:*:*:*:*:*",
"matchCriteriaId": "29EBC1DD-6949-4B12-8CA5-EE2BCDB8C4C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p7:*:*:*:*:*:*",
"matchCriteriaId": "4F445D93-D482-4A74-810D-66D78CBCAFED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p8:*:*:*:*:*:*",
"matchCriteriaId": "2C9F200C-ECC9-4D51-AFE7-E99C16D09148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p9:*:*:*:*:*:*",
"matchCriteriaId": "56B87CB5-0F77-4040-BB58-9DBF5723A4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F4B3321B-11AD-43EB-867C-FA4FA6A5421E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB104CA-55CD-4B9E-A2F7-CC06E57663CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4975223D-9E31-4CEC-A4B6-C0996828B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22E0F4A7-B8BD-42D1-92DB-2B510FFC9C36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C15C820B-4778-4B8F-8BD8-E996F1D4062D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A42E70EE-2E23-4D92-ADE0-9177B9EDD430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "01C91446-4A36-4FCE-A973-3E6F813FABC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p1:*:*:*:*:*:*",
"matchCriteriaId": "58281E62-E350-4B0D-9322-8BA1E1773CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p2:*:*:*:*:*:*",
"matchCriteriaId": "BF1A152E-5795-4319-BD4D-855DE19C744C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p3:*:*:*:*:*:*",
"matchCriteriaId": "438FCE7F-035A-4D89-96FE-EE5278C85493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p4:*:*:*:*:*:*",
"matchCriteriaId": "80900F2C-7CFA-4C40-A6B5-51E12C3DA187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p5:*:*:*:*:*:*",
"matchCriteriaId": "DDE9A060-1D4D-46E5-A34F-CC4CFA260D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p6:*:*:*:*:*:*",
"matchCriteriaId": "33F900E6-AE47-4789-A337-70C6BEF22895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p7:*:*:*:*:*:*",
"matchCriteriaId": "AD2E5054-2151-414D-A88F-6697FF280D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:-:*:*:*:*:*:*",
"matchCriteriaId": "3EB09361-372E-4F51-B255-C7D2DB41969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p1:*:*:*:*:*:*",
"matchCriteriaId": "A36D6991-3728-4F60-A443-37652DFAA053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p10:*:*:*:*:*:*",
"matchCriteriaId": "4142CC4E-9F0D-4017-8D17-D59FBCEB36F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p11:*:*:*:*:*:*",
"matchCriteriaId": "63C0F7CA-5F3C-41D4-AAD6-084643115D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p12:*:*:*:*:*:*",
"matchCriteriaId": "1D16C66D-15BF-4EB8-8D78-DF12A69BD7F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p13:*:*:*:*:*:*",
"matchCriteriaId": "81C388DC-0941-4D08-8C1C-BD43D9B0DC8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p14:*:*:*:*:*:*",
"matchCriteriaId": "45CD14D8-665A-46C5-8387-33FF266822A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p15:*:*:*:*:*:*",
"matchCriteriaId": "D510329D-B39E-4E2B-AAEC-1FDA7869C9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p16:*:*:*:*:*:*",
"matchCriteriaId": "4640FE06-4D22-442E-A0E0-76EEFAF6ECB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p17:*:*:*:*:*:*",
"matchCriteriaId": "6A846C69-CA94-4F5E-9E02-69EA6680549E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p2:*:*:*:*:*:*",
"matchCriteriaId": "F3E63ECF-25CB-4E7F-BF51-B4D7B3541AE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p3:*:*:*:*:*:*",
"matchCriteriaId": "FF14DD4F-6779-4B17-AB1B-D4DE58E7E231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p4:*:*:*:*:*:*",
"matchCriteriaId": "7AAEE176-631A-41B9-BC40-93F866DA9D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p5:*:*:*:*:*:*",
"matchCriteriaId": "75C963D5-F2D1-49EE-93B5-CA7FE7EAB98C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p6:*:*:*:*:*:*",
"matchCriteriaId": "9388D932-9818-4A68-9543-B0643166DB2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p7:*:*:*:*:*:*",
"matchCriteriaId": "770A9287-C910-4690-9402-0C0B7BAC8912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p8:*:*:*:*:*:*",
"matchCriteriaId": "3F8AC068-D5AC-4042-8A7C-5B95EA0E85F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p9:*:*:*:*:*:*",
"matchCriteriaId": "B503F1F7-F439-420D-B465-9A51CCECAB06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27948B08-C452-41FB-B41F-6ADB3AAE087E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB8FB4C-5BBC-420D-84F0-C8424DC25CD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF1F14C-DB2C-40A8-B899-C127C7ECC0D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E87FA9CC-D201-430F-8FE6-8C9A88CEAB1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_provisioning:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7F2743-71BB-4011-B919-7E8032B6B72F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:kvm:*:*:*",
"matchCriteriaId": "3738FAC6-B90B-4014-9E86-17ED6D19D23D",
"versionEndExcluding": "1.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:openflow:*:*:*",
"matchCriteriaId": "35B6634E-4F09-423C-87E7-59D4127CC023",
"versionEndExcluding": "1.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:vmware:*:*:*",
"matchCriteriaId": "0A7A7100-A1DA-4191-A4C1-D930829A3DC2",
"versionEndExcluding": "1.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:starter_kit_for_cloud:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83739ED7-37F1-4712-8C81-E56F58790240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:workload_deployer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CDD227E-1F98-4F73-BB65-3820F39127F0",
"versionEndIncluding": "3.1.0.7",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "250AF7A4-8DDF-427C-8BF7-788667908D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22433CE0-9772-48CE-8069-612FF3732C21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2569AA28-5C61-4BBD-A501-E1ACFA36837B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB188A2-D7CE-4141-A55A-C074C84E366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4E5283-0FEE-4F37-9C41-FA695063FF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "73EB6121-62CD-49FC-A1D2-5467B007253C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CB18F38-AC6A-406A-A4DD-40688B803744",
"versionEndExcluding": "1.4.3.5",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE781C8-40F7-4F6D-8FED-8EB3071FE9DB",
"versionEndExcluding": "1.5.0.4",
"versionStartIncluding": "1.5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5AB3395-B458-49F8-A8E3-25FF0C1C3BD3",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1EC57FAE-AD4D-4C9F-97A4-581C977B5FE4",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47A17EE0-7D3E-4CD7-984C-BB17BF6F4BFD",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33A46CF2-392A-4BB9-B4BF-DE8C5228CAAE",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4EF774-BD92-444D-9583-25DB97CDA4F3",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8753BBDB-A858-4A51-A8FD-8DF8DF2734A0",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FB9850A-3308-4277-A68C-AD418612101E",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C84D7A48-6745-49D3-AE52-31DD7EEC0D61",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A1A3A3E-5636-4422-9B7B-B3D97989E674",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7384B993-049F-48D7-86D6-FE221C783245",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1DF6129-9CEA-4812-800F-A6FD5095D60E",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79788A89-4152-4B4B-BFF0-518D90EE4D2B",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "680738C5-63D5-4F60-9610-FD0D87FCBBCA",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "872E2102-6BE6-42B6-93B0-942B7DABCBDA",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flex_system_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACA26CF-7C3F-4215-B032-ED9C5EFD57D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E31991-DF33-4F00-8430-7B626E8174CE",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E25BB0-6F5A-4A7B-9147-D4E17014C747",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B80C1675-4948-45DC-B593-EDB1354E42F3",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE69F8D-5EEE-4BC7-939C-CE71BCD2E11D",
"versionEndExcluding": "3.8.0.07",
"versionStartIncluding": "3.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDEC166F-A967-4616-B9EF-503054EFD197",
"versionEndExcluding": "3.9.1.08",
"versionStartIncluding": "3.9.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713E71BC-16F5-41E3-9816-74D5E8D8C9A9",
"versionEndExcluding": "4.1.2.06",
"versionStartIncluding": "4.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:stn6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2487E0-046C-476F-BFF4-EF77D9E856D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0287F3CD-2151-491D-8BC3-6D3921BE8FFA",
"versionEndExcluding": "3.8.0.07",
"versionStartIncluding": "3.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4179899-87B4-42C3-8245-9A34EC04F6A1",
"versionEndExcluding": "3.9.1.08",
"versionStartIncluding": "3.9.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8CED766-9742-4037-8005-F0BDDE9176DD",
"versionEndExcluding": "4.1.2.06",
"versionStartIncluding": "4.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:stn6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41EEAEC-08AE-4478-8977-5A4D7B48C175",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "298C961D-5E5F-4277-B192-A4C29243BECC",
"versionEndExcluding": "3.8.0.07",
"versionStartIncluding": "3.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A76C40-BA90-4FBD-8DFF-4AF8F952963A",
"versionEndExcluding": "3.9.1.08",
"versionStartIncluding": "3.9.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0663FBC-01C0-4AD8-A0B8-6097E537D352",
"versionEndExcluding": "4.1.2.06",
"versionStartIncluding": "4.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:stn7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE145DE3-3C9B-4949-B6D4-9B259372CCE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0ABC25E5-76CD-469B-879A-B1F7109D0181",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11:*:*:*:*:*:*:*",
"matchCriteriaId": "98942F6C-330F-459A-B2B4-72572DB4070E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F5A92B0C-7256-45F0-8E0C-ADFEF36CF43D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8C0BAB94-6521-4B57-9E56-A57BA5E20C24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3A7788E5-93B9-4149-8823-2ACBA5CF17E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:open_enterprise_server:2.0:sp3:*:*:*:linux_kernel:*:*",
"matchCriteriaId": "B41B4ECD-6F30-46F5-A559-1CEFC7964873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:open_enterprise_server:11.0:sp2:*:*:*:linux_kernel:*:*",
"matchCriteriaId": "D42ADCD9-1455-401C-B94F-D367A78A2B97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:security_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2853A787-E5F1-4455-9482-7C538B80556C",
"versionEndExcluding": "r77.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E910D60-1145-4229-9890-80D2D67C3845",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48BBEF73-E87D-467F-85EB-47BE212DF0E8",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE23220D-E364-41B7-A440-43B3AA4A716A",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C483253F-841E-4D4E-9B4A-932E9D07268B",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "667D3780-3949-41AC-83DE-5BCB8B36C382",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F0E7766-BDB4-42AB-B6CC-6B4E86A10038",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06BA93C0-A7AE-4A8E-BD74-08149A204463",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E0D8F52-0EAD-4E02-A8D8-CBAE2CDC703B",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D61BF2-69D8-4AD2-85CD-D87F640A6888",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9A06D61-E6CB-4A8A-B06D-9FEA1812C167",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0B4C01-C71E-4E35-B63A-68395984E033",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9828CBA5-BB72-46E2-987D-633A5B3E2AFF",
"versionEndIncluding": "11.4.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC24B891-6DBA-4C02-B4CF-8D1CA53B4B74",
"versionEndIncluding": "4.4.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BB0FDAC-C49D-4E63-ACA9-7BAD7C93A5D2",
"versionEndIncluding": "4.4.0",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AEB1FC5-1179-4DE9-99A2-D650167A7A60",
"versionEndIncluding": "4.4.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0ADD1B04-9F78-40B3-8314-6935277073B0",
"versionEndIncluding": "2.3.0",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "482E630B-93A1-4B9B-8273-821C116ADC4F",
"versionEndIncluding": "3.1.1",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1343FBDC-4BF0-403B-B257-96672F092263",
"versionEndIncluding": "4.0.5",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7C138527-73D3-4AEE-BFAB-1D240A585A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F2EB3D6-EF4C-4241-A31E-3990664004A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0CD8F8-26CE-43F0-87EB-A08F1D1EDB25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D1168D2-93D5-4415-A666-B4BE0B2AC201",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:f5:arx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48A2FBA9-207F-4F16-932D-BF0BA3440503",
"versionEndIncluding": "6.4.0",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:f5:arx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C6AC80F-9D91-468D-BEE3-6A0759723673",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF1DB4B7-AFCC-4D56-95BA-C66AB7A36680",
"versionEndExcluding": "9.3.67.5r1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "665EF643-3CDC-4518-9693-0D49F0870283",
"versionEndExcluding": "10.1.129.11r1",
"versionStartIncluding": "10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAE3CC45-49E5-40DE-B5C3-52A754A9C599",
"versionEndExcluding": "10.5.52.11r1",
"versionStartIncluding": "10.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:netscaler_sdx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8968E39A-1E16-4B7F-A16A-190EBC20D04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "864B5480-704F-4636-A938-7D95AD4223AD",
"versionEndExcluding": "10.10.0",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "35D34345-0AD1-499C-9A74-982B2D3F305A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "3DF3F07E-6F4E-4B97-B313-7DA3E8A88451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "5C98B0EA-7A52-4BDF-90C2-38797FC2B75A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FECF06B5-3915-48F0-A140-41C7A27EE99D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_1:*:*:*:*:*:*",
"matchCriteriaId": "BBD8B161-0A07-492F-89E4-7A0BD02F6464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_2:*:*:*:*:*:*",
"matchCriteriaId": "F3E8E0E1-FF63-425D-8C22-86B16CFB7B1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:-:*:*:*:*:*:*",
"matchCriteriaId": "29DF8DD7-B5CC-4152-A726-1D48459068D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:update_1:*:*:*:*:*:*",
"matchCriteriaId": "DB2E2AAD-E221-4227-A41B-DC01BFDFCD6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271."
},
{
"lang": "es",
"value": "GNU Bash hasta 4.3 bash43-025 procesa cadenas finales despu\u00e9s de la definici\u00f3n malformada de funciones en los valores de variables de entorno, lo que permite a atacantes remotos escribir hacia ficheros o posiblemente tener otro impacto desconocido a trav\u00e9s de un entorno manipulado, tal y como se ha demostrado por vectores que involucran la caracter\u00edstica ForceCommand en sshd OpenSSH, los m\u00f3dulos mod_cgi y mod_cgid en el Apache HTTP Server, scripts ejecutados por clientes DHCP no especificados, y otras situaciones en la cual establecer el entorno ocurre a trav\u00e9s de un l\u00edmite privilegiado de la ejecuci\u00f3n de Bash. Nota: Esta vulnerabilidad existe debido a una soluci\u00f3n incompleta para CVE-2014-6271."
}
],
"id": "CVE-2014-7169",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2014-09-25T01:55:04.367",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2014-0393.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/58200"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/59272"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/59737"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/59907"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60024"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60034"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60044"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60055"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60063"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60193"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60325"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60433"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60947"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61065"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61128"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61129"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61188"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61283"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61287"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61291"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61312"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61313"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61328"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61442"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61471"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61479"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61485"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61503"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61550"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61552"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61565"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61603"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61618"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61619"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61622"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61626"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61633"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61641"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61643"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61654"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61676"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61700"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61703"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61711"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61715"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61780"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61816"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61855"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61857"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61873"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/62228"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/62312"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/62343"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT6495"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://twitter.com/taviso/statuses/514887394294652929"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-3035"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2363-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2363-2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/articles/1200223"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/node/1200223"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX200217"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "https://support.citrix.com/article/CTX200223"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/support/shellshock/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2014-0393.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/58200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/59272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/59737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/59907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60044"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60063"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/60947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61128"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61287"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61328"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61442"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61485"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61552"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61619"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61622"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61626"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61641"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61643"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61654"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61676"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61700"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61715"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/61873"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/62228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/62312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/62343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT6495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://twitter.com/taviso/statuses/514887394294652929"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-3035"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2363-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2363-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/articles/1200223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/node/1200223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX200217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://support.citrix.com/article/CTX200223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/support/shellshock/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-03 01:55
Modified
2025-04-12 10:46
Severity ?
Summary
The WebSEAL component in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, when e-community SSO is enabled, allows remote attackers to cause a denial of service (component hang) via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0EE7B275-7B8D-45F9-86A5-8F4A4484F2B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "842C3B2E-4807-4150-AD45-620ACC88423F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22433CE0-9772-48CE-8069-612FF3732C21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2569AA28-5C61-4BBD-A501-E1ACFA36837B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB188A2-D7CE-4141-A55A-C074C84E366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4E5283-0FEE-4F37-9C41-FA695063FF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "73EB6121-62CD-49FC-A1D2-5467B007253C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7844D23-8DAB-4A9A-B0D4-734DF8FBFE02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WebSEAL component in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, when e-community SSO is enabled, allows remote attackers to cause a denial of service (component hang) via unspecified vectors."
},
{
"lang": "es",
"value": "El componente WebSEAL en IBM Security Access Manager for Web 7.x anterior a 7.0.0-ISS-WGA-IF0009 y 8.x anterior a 8.0.0-ISS-WGA-FP0005, cuando e-community SSO est\u00e1 habilitado, permite a atacantes remotos causar una denegaci\u00f3n de servicio (cuelgue del componente) a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-4809",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-10-03T01:55:07.237",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/61294"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64915"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685246"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95376"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95376"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-06-21 15:55
Modified
2025-04-12 10:46
Severity ?
Summary
The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.0.2 and 8.0.0.3, allows remote attackers to bypass authentication via a login action with invalid credentials.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "673DB620-B3D4-431D-A8F8-0EA4F53EC3AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BACDCBD6-EEF3-4259-9866-A89105AA4C19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97CBEC75-1164-4E25-8D32-DBA39C6E8A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7844D23-8DAB-4A9A-B0D4-734DF8FBFE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.0.2 and 8.0.0.3, allows remote attackers to bypass authentication via a login action with invalid credentials."
},
{
"lang": "es",
"value": "Local Management Interface (LMI) en IBM Security Access Manager (ISAM) for Mobile 8.0 con firmware 8.0.0.0 hasta 8.0.0.3 y IBM Security Access Manager for Web 7.0 y 8.0 con firmware 8.0.0.2 y 8.0.0.3, permite a atacantes remotos evadir autenticaci\u00f3n a trav\u00e9s de una acci\u00f3n de inicio de sesi\u00f3n con credenciales inv\u00e1lidas."
}
],
"id": "CVE-2014-3053",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 9.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-06-21T15:55:03.870",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/59381"
},
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/59438"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61557"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676389"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676700"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/68132"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61557"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676700"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/68132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93501"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-07 16:59
Modified
2025-04-20 01:37
Severity ?
Summary
IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could allow a remote attacker to bypass security restrictions, caused by improper content validation. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to bypass validation and load a page with malicious content.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg21996826 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg21996826 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A5ACB34-BC23-4175-9F6A-91FB6762A040",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7844D23-8DAB-4A9A-B0D4-734DF8FBFE02",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35BD8955-4735-4FDC-906A-B404C4E36417",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6921A2CC-67D0-41B5-908B-F002C14AFD70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B95177-2AA3-45D4-895D-56CA35B32813",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could allow a remote attacker to bypass security restrictions, caused by improper content validation. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to bypass validation and load a page with malicious content."
},
{
"lang": "es",
"value": "IBM Security Access Manager para Web 7.0.0, 8.0.0 y 9.0.0 podr\u00eda permitir a un atacante remoto eludir las restricciones de seguridad, causada por la validaci\u00f3n del contenido indebido. Al persuadir a una v\u00edctima para abrir contenido especialmente manipulado, un atacante podr\u00eda aprovechar esta vulnerabilidad para eludir la validaci\u00f3n y cargar una p\u00e1gina con contenido malicioso."
}
],
"id": "CVE-2016-3020",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-07T16:59:00.150",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996826"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-01 20:59
Modified
2025-04-20 01:37
Severity ?
Summary
IBM Security Access Manager for Web processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code, which could allow an authenticated attacker to load malicious code.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg21995518 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg21995518 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5B6BD9-C0DF-4359-A6C1-F66E24912800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F18D4AF-43DE-42A0-898E-50FBA7ADDDDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "847598BF-977A-4592-A6A1-2C7F04F29FDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "250AF7A4-8DDF-427C-8BF7-788667908D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76136DDE-1530-482B-9E32-3EA2496FDFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CBEA0D7-FBD0-4C7D-AB8F-73018359996A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CCECD9C-D506-4AEA-AE59-49A81E2D7020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB6511D-5B6C-4BBB-8DEF-C37026398D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22433CE0-9772-48CE-8069-612FF3732C21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2569AA28-5C61-4BBD-A501-E1ACFA36837B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB188A2-D7CE-4141-A55A-C074C84E366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4E5283-0FEE-4F37-9C41-FA695063FF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "73EB6121-62CD-49FC-A1D2-5467B007253C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A91ADDFE-9362-4D7E-B623-D662D81382E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C8E0F31E-EB32-4442-91BE-95A9625F308F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "701D729E-A817-4525-ADD9-EC810326B9E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E5883F2E-83F4-4630-813B-21E533BA2CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FB9953-91A1-47BB-B6BF-088FA75BEBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7B0192-465A-48EF-8B51-FC6BC6EC464A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3E40F5AD-E090-4D0B-A580-D794F60215DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5BD4D1-DD9B-4845-AF17-9B813C748D1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0D27CF-70BF-4C72-A963-310272D8EBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73E4F0CD-26DF-4975-8F40-ECB8E03A08C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE6F2A0-BD38-4853-A8FB-299A341FA0B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D0122CE6-44D9-4A5F-8DD4-B1F7F229FDFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C6294A-7243-499D-8371-F000BEB7CF2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7844D23-8DAB-4A9A-B0D4-734DF8FBFE02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code, which could allow an authenticated attacker to load malicious code."
},
{
"lang": "es",
"value": "IBM Security Access Manager para Web procesa parches, copias de seguridad de im\u00e1genes y otras actualizaciones sin verificar suficientemente el origen y la integridad del c\u00f3digo, lo que podr\u00edan permitir a un atacante autenticado cargar c\u00f3digo malicioso."
}
],
"id": "CVE-2016-3016",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 0.7,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-01T20:59:00.427",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995518"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995518"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-08 19:59
Modified
2025-04-20 01:37
Severity ?
Summary
The IBM Security Access Manager appliance includes configuration files that contain obfuscated plaintext-passwords which authenticated users can access.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg21993722 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/96090 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | http://www.securitytracker.com/id/1037792 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg21993722 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96090 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037792 | Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35BD8955-4735-4FDC-906A-B404C4E36417",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6921A2CC-67D0-41B5-908B-F002C14AFD70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B95177-2AA3-45D4-895D-56CA35B32813",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_9.0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86981E3-B9F4-4C49-AFF3-07E6C3FFD452",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The IBM Security Access Manager appliance includes configuration files that contain obfuscated plaintext-passwords which authenticated users can access."
},
{
"lang": "es",
"value": "El aparato IBM Security Access Manager incluye archivos de configuraci\u00f3n que contienen contrase\u00f1as de texto claro obfuscadas a las que pueden acceder usuarios autenticados."
}
],
"id": "CVE-2015-5013",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-08T19:59:00.213",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21993722"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96090"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037792"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21993722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96090"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037792"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-02-15 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in IBM Security Access Manager for Web 8.0 before 8.0.1.3 IF4 and 9.0 before 9.0.0.1 IF1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | security_access_manager_9.0_firmware | 9.0.0 | |
| ibm | security_access_manager_for_web_8.0_firmware | 8.0.0.1 | |
| ibm | security_access_manager_for_web_8.0_firmware | 8.0.0.2 | |
| ibm | security_access_manager_for_web_8.0_firmware | 8.0.0.3 | |
| ibm | security_access_manager_for_web_8.0_firmware | 8.0.0.5 | |
| ibm | security_access_manager_for_web_8.0_firmware | 8.0.1 | |
| ibm | security_access_manager_for_web_8.0_firmware | 8.0.1.0 | |
| ibm | security_access_manager_for_web_8.0_firmware | 8.0.1.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5B6BD9-C0DF-4359-A6C1-F66E24912800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0D27CF-70BF-4C72-A963-310272D8EBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D331E67E-25D3-4C34-8118-49E2A8B29D96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73E4F0CD-26DF-4975-8F40-ECB8E03A08C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE6F2A0-BD38-4853-A8FB-299A341FA0B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in IBM Security Access Manager for Web 8.0 before 8.0.1.3 IF4 and 9.0 before 9.0.0.1 IF1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en IBM Security Access Manager for Web 8.0 en versiones anteriores a 8.0.1.3 IF4 y 9.0 en versiones anteriores a 9.0.0.1 IF1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de una URL manipulada."
}
],
"id": "CVE-2015-8531",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-02-15T02:59:14.107",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV80692"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974651"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV80692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974651"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-01 20:59
Modified
2025-04-20 01:37
Severity ?
Summary
IBM Security Access Manager for Web could allow an unauthenticated user to gain access to sensitive information by entering invalid file names.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5B6BD9-C0DF-4359-A6C1-F66E24912800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F18D4AF-43DE-42A0-898E-50FBA7ADDDDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "847598BF-977A-4592-A6A1-2C7F04F29FDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "250AF7A4-8DDF-427C-8BF7-788667908D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76136DDE-1530-482B-9E32-3EA2496FDFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CBEA0D7-FBD0-4C7D-AB8F-73018359996A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CCECD9C-D506-4AEA-AE59-49A81E2D7020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB6511D-5B6C-4BBB-8DEF-C37026398D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22433CE0-9772-48CE-8069-612FF3732C21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2569AA28-5C61-4BBD-A501-E1ACFA36837B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB188A2-D7CE-4141-A55A-C074C84E366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4E5283-0FEE-4F37-9C41-FA695063FF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "73EB6121-62CD-49FC-A1D2-5467B007253C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A91ADDFE-9362-4D7E-B623-D662D81382E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C8E0F31E-EB32-4442-91BE-95A9625F308F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "701D729E-A817-4525-ADD9-EC810326B9E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E5883F2E-83F4-4630-813B-21E533BA2CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FB9953-91A1-47BB-B6BF-088FA75BEBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7B0192-465A-48EF-8B51-FC6BC6EC464A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3E40F5AD-E090-4D0B-A580-D794F60215DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5BD4D1-DD9B-4845-AF17-9B813C748D1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0D27CF-70BF-4C72-A963-310272D8EBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73E4F0CD-26DF-4975-8F40-ECB8E03A08C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE6F2A0-BD38-4853-A8FB-299A341FA0B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D0122CE6-44D9-4A5F-8DD4-B1F7F229FDFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C6294A-7243-499D-8371-F000BEB7CF2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7844D23-8DAB-4A9A-B0D4-734DF8FBFE02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web could allow an unauthenticated user to gain access to sensitive information by entering invalid file names."
},
{
"lang": "es",
"value": "IBM Security Access Manager para Web podr\u00eda permitir a un usuario no autenticado obtener acceso a informaci\u00f3n sensible introduciendo nombres de archivo no v\u00e1lidos."
}
],
"id": "CVE-2016-3023",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-01T20:59:00.583",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995348"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/96124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/96124"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-01 20:59
Modified
2025-04-20 01:37
Severity ?
Summary
IBM Security Access Manager for Web is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5B6BD9-C0DF-4359-A6C1-F66E24912800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F18D4AF-43DE-42A0-898E-50FBA7ADDDDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "847598BF-977A-4592-A6A1-2C7F04F29FDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "250AF7A4-8DDF-427C-8BF7-788667908D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76136DDE-1530-482B-9E32-3EA2496FDFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CBEA0D7-FBD0-4C7D-AB8F-73018359996A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CCECD9C-D506-4AEA-AE59-49A81E2D7020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB6511D-5B6C-4BBB-8DEF-C37026398D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0D27CF-70BF-4C72-A963-310272D8EBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73E4F0CD-26DF-4975-8F40-ECB8E03A08C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE6F2A0-BD38-4853-A8FB-299A341FA0B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D0122CE6-44D9-4A5F-8DD4-B1F7F229FDFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C6294A-7243-499D-8371-F000BEB7CF2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts."
},
{
"lang": "es",
"value": "IBM Security Access Manager para Web es vulnerable a la falsificaci\u00f3n de solicitudes de sitios cruzados que podr\u00edan permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas por un usuario que conf\u00eda en el sitio web."
}
],
"id": "CVE-2016-3029",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-01T20:59:00.677",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995345"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/96133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/96133"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-09-24 18:48
Modified
2025-04-12 10:46
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
References
Impacted products
{
"cisaActionDue": "2022-07-28",
"cisaExploitAdd": "2022-01-28",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:bash:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4DBE402-1B0A-4854-ABE5-891321454C25",
"versionEndIncluding": "4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCA5A28D-79B6-4F3E-9C98-65D4DFAD8EE7",
"versionEndExcluding": "4.9.12",
"versionStartIncluding": "4.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1DC7EF-C994-4252-9DFE-DCA63FB17AE0",
"versionEndExcluding": "4.10.9",
"versionStartIncluding": "4.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9056776F-03F6-4C3D-8635-37D66FD16EAA",
"versionEndExcluding": "4.11.11",
"versionStartIncluding": "4.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFEE6963-F73F-4B71-B4F8-6E550FBDA5F6",
"versionEndExcluding": "4.12.9",
"versionStartIncluding": "4.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8296875A-64FA-4592-848A-A923126BD8AF",
"versionEndExcluding": "4.13.9",
"versionStartIncluding": "4.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "816A16AF-1F5E-483A-AA89-3022818FAE43",
"versionEndExcluding": "4.14.4f",
"versionStartIncluding": "4.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:linux:4:*:*:*:*:*:*:*",
"matchCriteriaId": "F8421899-5D10-4C2B-88AA-3DA909FE3E67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*",
"matchCriteriaId": "62A2AC02-A933-4E51-810E-5D040B476B7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
"matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8B7F1F-22F6-4B10-A6E5-DE44B1D2E649",
"versionEndExcluding": "4.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:4.1.1:-:*:*:*:*:*:*",
"matchCriteriaId": "F407EA72-BA1A-41A2-B699-874304A638A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:4.1.1:build_0927:*:*:*:*:*:*",
"matchCriteriaId": "DDA25903-B334-438B-8196-B9E5119199D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76F1E356-E019-47E8-AA5F-702DA93CF74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F805A106-9A6F-48E7-8582-D3C5A26DFC11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC489F35-07F1-4C3E-80B9-78F0689BC54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:virtualization:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "95CE35FC-266F-4025-A0B8-FB853C020800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6172AF57-B26D-45F8-BE3A-F75ABDF28F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6252E88C-27FF-420D-A64A-C34124CF7E6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8A8E07B7-3739-4BEB-88F8-C7F62431E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.9_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5537E1-1E8E-49C5-B4CB-A8E2EE3F5088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.4_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "804DFF9F-BAA8-4239-835B-6182471A224F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.5_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE496C0-35F7-44DC-B3F0-71EA3A613C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.3_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "71179893-49F2-433C-A7AC-687075F9CC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.4_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4C43D8-02A5-4385-A89E-F265FEEC9E9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.5_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "37ECC029-3D84-4DD7-B28B-E5AD5559CF94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.6_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CBED2A-B6B0-420E-BC40-160930D8662E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.7_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "652F7BB0-A6EA-45D0-86D4-49F4CA6C3EE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0_ppc:*:*:*:*:*:*:*",
"matchCriteriaId": "29BBF1AC-F31F-4251-8054-0D89A8E6E990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.9_ppc:*:*:*:*:*:*:*",
"matchCriteriaId": "C52A4A2F-6385-4E5F-B2C7-0EF7267546F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "6D8D654F-2442-4EA0-AF89-6AC2CD214772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.4_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "D8ED0658-5F8F-48F0-A605-A2205DA27DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "8BCF87FD-9358-42A5-9917-25DF0180A5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.5_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "C385DA76-4863-4D39-84D2-9D185D322365",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "188019BF-3700-4B3F-BFA5-553B2B545B7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "9B8B2E32-B838-4E51-BAA2-764089D2A684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "4319B943-7B19-468D-A160-5895F7F997A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*",
"matchCriteriaId": "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "634C23AC-AC9C-43F4-BED8-1C720816D5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37CE1DC7-72C5-483C-8921-0B462C8284D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BB6ADFB8-210D-4E46-82A2-1C8705928382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "92C9F1C4-55B0-426D-BB5E-01372C23AF97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6D0378-F0F4-4AAA-80AF-8287C790EC96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8821E5FE-319D-40AB-A515-D56C1893E6F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AE981D4-0CA1-46FA-8E91-E1A4D5B31383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F732C7C9-A9CC-4DEF-A8BE-D0F18C944C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "74BCA435-7594-49E8-9BAE-9E02E129B6C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*",
"matchCriteriaId": "CED02712-1031-4206-AC4D-E68710F46EC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*",
"matchCriteriaId": "35BBD83D-BDC7-4678-BE94-639F59281139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:-:*:*",
"matchCriteriaId": "7F4AF9EC-7C74-40C3-A1BA-82B80C4A7EE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
"matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"matchCriteriaId": "15FC9014-BD85-4382-9D04-C0703E901D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
"matchCriteriaId": "1831D45A-EE6E-4220-8F8C-248B69520948",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "94C9C346-6DEC-4C72-9F59-BB3BEC42B551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2071DABB-7102-47F2-A15F-A6C03607D01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A8661E86-E075-427F-8E05-7A33811A3A76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEFCC35D-1C83-4CA5-8B1D-9A637613AD7E",
"versionEndIncluding": "1.0.0.4",
"versionStartIncluding": "1.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "054736AF-96E0-491D-B824-CC4A35B76E14",
"versionEndIncluding": "1.1.0.4",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:pureapplication_system:2.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "575894EE-F13C-4D56-8B63-59A379F63BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_risk_manager:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E476AEB-AD38-4033-8426-DC502497D75A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C062C89-5DC2-46EE-A9D3-23E7539A5DAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "20981443-6A64-4852-B2CB-3299927C6F78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "59761BB8-FCC7-4D15-88A8-82076CCF196F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:-:*:*:*:*:*:*",
"matchCriteriaId": "CF399B2E-8413-4B80-A0C0-E61E8A0A8604",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "230EBA53-66AF-432B-B4C1-08D8FC903B2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p2:*:*:*:*:*:*",
"matchCriteriaId": "789F398A-5CB2-48F8-AF8F-05BF0A8E04B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p3:*:*:*:*:*:*",
"matchCriteriaId": "EF102659-B067-473E-AA37-EA90A82D1864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:-:*:*:*:*:*:*",
"matchCriteriaId": "81DF915D-D764-4C21-B213-0ADFD844E9DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "C29A4119-A992-4713-85D6-4FDED7CD416A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p10:*:*:*:*:*:*",
"matchCriteriaId": "4CA59C9D-74C2-4AFC-B1D1-1BC305FD493B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p11:*:*:*:*:*:*",
"matchCriteriaId": "5720A37E-1DB5-45BA-9FDE-0EAEFE1F2257",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p12:*:*:*:*:*:*",
"matchCriteriaId": "F03006B7-037B-491F-A09F-DEB2FF076754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p13:*:*:*:*:*:*",
"matchCriteriaId": "FE78AED4-AD60-406C-82E0-BA52701B49BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "3D0B71F0-CCED-4E23-989A-3E9E2D71307C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p3:*:*:*:*:*:*",
"matchCriteriaId": "5CF8FC22-C556-451C-B928-F5AF8DF4BF45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p4:*:*:*:*:*:*",
"matchCriteriaId": "081D3B14-45F6-4F96-944B-94D967FEFA26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p5:*:*:*:*:*:*",
"matchCriteriaId": "DE2C36B5-43F8-401B-B420-1FA5F13A4D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p6:*:*:*:*:*:*",
"matchCriteriaId": "D922DC5A-63F6-4188-BCDE-BB987402E47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p7:*:*:*:*:*:*",
"matchCriteriaId": "BFD5737C-AAE8-4C8D-BCFE-FFDF5DA4221C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p8:*:*:*:*:*:*",
"matchCriteriaId": "C2BCC22C-A32B-4945-AFBC-777DBE248FB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p9:*:*:*:*:*:*",
"matchCriteriaId": "92F92890-63B0-4918-A147-8852B6E2FA8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8016ECD3-4417-47A8-9493-C9F9EDF5FAA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "ED0B143A-5386-4375-AEB2-48619B2B1EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "E7ECA734-9E95-484F-B880-2491A0E2531B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "5D7CD9E9-033C-44B8-A68C-47AC260873E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "07B660DC-A94F-48F0-A2F4-1C39CC4751A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:-:*:*:*:*:*:*",
"matchCriteriaId": "44D355AE-A8C0-4D7B-87FE-5D4138B6BB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "329C8551-98D1-4255-B598-9E75A071C186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p2:*:*:*:*:*:*",
"matchCriteriaId": "FD0687B7-F374-4368-AD9E-041123B23A6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p3:*:*:*:*:*:*",
"matchCriteriaId": "D0330E77-454E-4E77-9628-50681B748491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:-:*:*:*:*:*:*",
"matchCriteriaId": "3863726E-15AD-4A47-85CB-0C9965E76EF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "5C07D9DC-E6C1-4FB0-86F1-144FD51B08CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "3105129C-8FE8-4BF0-8CB9-A7F3F7FE1107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p3:*:*:*:*:*:*",
"matchCriteriaId": "D1F35447-889F-4CE9-9473-87046B4707EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p4:*:*:*:*:*:*",
"matchCriteriaId": "A3A5DFC0-BBD7-430C-A026-E1F34E08894D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:-:*:*:*:*:*:*",
"matchCriteriaId": "141E8F6A-3998-4F22-A717-3F52BC998F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p1:*:*:*:*:*:*",
"matchCriteriaId": "F09AA197-BB55-4CF0-AC29-4449C07DE510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p2:*:*:*:*:*:*",
"matchCriteriaId": "3E468E33-B183-4830-97E2-EAF9FD3758E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p3:*:*:*:*:*:*",
"matchCriteriaId": "738C8F2B-3D3E-4E1F-977A-05D3A39F115D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p4:*:*:*:*:*:*",
"matchCriteriaId": "1ED03E83-909B-423F-81F2-34AB7F24BBE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:-:*:*:*:*:*:*",
"matchCriteriaId": "9778E8AA-A034-4B04-A42E-6A182378C7DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "AEE15598-4064-4E31-86BA-7851AA4B76C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p2:*:*:*:*:*:*",
"matchCriteriaId": "59FE3789-FB47-4939-B9AA-86D203445526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p3:*:*:*:*:*:*",
"matchCriteriaId": "2F96389A-82B9-42DE-8E93-D2B2EE610F7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p4:*:*:*:*:*:*",
"matchCriteriaId": "3131CDA5-1C4D-489C-8788-FA396F8ADB2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p5:*:*:*:*:*:*",
"matchCriteriaId": "DCC7DF3E-658C-41D7-A4AC-433440A02092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p6:*:*:*:*:*:*",
"matchCriteriaId": "EEBB12B8-4EF6-42B9-9D28-A9CA129B0FBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:-:*:*:*:*:*:*",
"matchCriteriaId": "279C30FB-EA1C-4D1D-A37E-F1EEF79F19F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p1:*:*:*:*:*:*",
"matchCriteriaId": "D6870C1E-E4A4-4666-89DB-D72C8100D27E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p2:*:*:*:*:*:*",
"matchCriteriaId": "BE183CA0-FFBB-4746-8BBE-5D1910DD2100",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p3:*:*:*:*:*:*",
"matchCriteriaId": "D04B5EBF-C94C-4A44-9A7E-75623CAF832C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p4:*:*:*:*:*:*",
"matchCriteriaId": "5723FDF4-198B-488E-B075-F528EC6E4D18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p5:*:*:*:*:*:*",
"matchCriteriaId": "7E23A972-5BCA-4C7E-B6F9-AD54992861A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p6:*:*:*:*:*:*",
"matchCriteriaId": "1D00AFC9-8A9C-4BB1-9E60-BC6D552DC8E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:-:*:*:*:*:*:*",
"matchCriteriaId": "BFE4D0FF-6445-4E14-9536-ADB32662B346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p1:*:*:*:*:*:*",
"matchCriteriaId": "C7FC4FDA-1C8D-4D7A-B5EA-D905FA830805",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p2:*:*:*:*:*:*",
"matchCriteriaId": "753AA0F3-09F4-4E34-8E72-FAFD8BFE18EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p3:*:*:*:*:*:*",
"matchCriteriaId": "9AC763FD-C143-4CA3-9A24-D50C9ED243D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p4:*:*:*:*:*:*",
"matchCriteriaId": "299C6CBE-905F-4E59-AF2F-89A1CD767916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p5:*:*:*:*:*:*",
"matchCriteriaId": "78538461-1B7E-4712-AA8D-D2EA3477635B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p6:*:*:*:*:*:*",
"matchCriteriaId": "E3FF46F1-EF19-49D7-9EDD-44441C1A3F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p7:*:*:*:*:*:*",
"matchCriteriaId": "D9F91FB6-7D8F-4D89-B6BA-2C6DF15B9A51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:-:*:*:*:*:*:*",
"matchCriteriaId": "5725106C-A650-4C24-9636-1200BD44CCA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p1:*:*:*:*:*:*",
"matchCriteriaId": "F1501425-96F7-487B-9588-FDA2DAC3790A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p2:*:*:*:*:*:*",
"matchCriteriaId": "48D95998-9434-4AFF-9983-0D7AC34176A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p3:*:*:*:*:*:*",
"matchCriteriaId": "D60BB309-860D-4D74-B08F-F94AFE84C881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p4:*:*:*:*:*:*",
"matchCriteriaId": "F63E864E-6323-41B4-956F-51F9364DFAE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:-:*:*:*:*:*:*",
"matchCriteriaId": "EC724282-7431-465E-8E60-4037121B8838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p1:*:*:*:*:*:*",
"matchCriteriaId": "73151221-C102-4425-9316-1EE4CAAB6531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p10:*:*:*:*:*:*",
"matchCriteriaId": "D1E9DDCD-6D22-4175-94EF-D8A5457E7355",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p11:*:*:*:*:*:*",
"matchCriteriaId": "35AB906F-43CD-4D54-8274-1FD551532E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p12:*:*:*:*:*:*",
"matchCriteriaId": "1ADC75F0-B27E-4B15-B829-482FBA0063A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p13:*:*:*:*:*:*",
"matchCriteriaId": "D015D670-8AEA-49A3-8D22-9E3009322EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p14:*:*:*:*:*:*",
"matchCriteriaId": "C18F3CC3-9BCF-4DE8-B7CA-59587D5E61F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p15:*:*:*:*:*:*",
"matchCriteriaId": "E543BC0F-ADFB-4CF2-BC6C-90DC76BE3A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p16:*:*:*:*:*:*",
"matchCriteriaId": "28CE650B-BE03-4EDF-BE27-2FA6657F7A52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p2:*:*:*:*:*:*",
"matchCriteriaId": "2356A4E6-561B-40CA-8348-B30D581B1E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p3:*:*:*:*:*:*",
"matchCriteriaId": "74509F3F-840E-48B8-88B1-EA4FFB90ACC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p4:*:*:*:*:*:*",
"matchCriteriaId": "BE7BD528-628F-4CA9-9FE8-8A79BDC97680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p5:*:*:*:*:*:*",
"matchCriteriaId": "26118C2B-78CC-4038-9DEA-7A9417029790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p6:*:*:*:*:*:*",
"matchCriteriaId": "29EBC1DD-6949-4B12-8CA5-EE2BCDB8C4C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p7:*:*:*:*:*:*",
"matchCriteriaId": "4F445D93-D482-4A74-810D-66D78CBCAFED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p8:*:*:*:*:*:*",
"matchCriteriaId": "2C9F200C-ECC9-4D51-AFE7-E99C16D09148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p9:*:*:*:*:*:*",
"matchCriteriaId": "56B87CB5-0F77-4040-BB58-9DBF5723A4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F4B3321B-11AD-43EB-867C-FA4FA6A5421E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB104CA-55CD-4B9E-A2F7-CC06E57663CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4975223D-9E31-4CEC-A4B6-C0996828B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22E0F4A7-B8BD-42D1-92DB-2B510FFC9C36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C15C820B-4778-4B8F-8BD8-E996F1D4062D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A42E70EE-2E23-4D92-ADE0-9177B9EDD430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "01C91446-4A36-4FCE-A973-3E6F813FABC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p1:*:*:*:*:*:*",
"matchCriteriaId": "58281E62-E350-4B0D-9322-8BA1E1773CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p2:*:*:*:*:*:*",
"matchCriteriaId": "BF1A152E-5795-4319-BD4D-855DE19C744C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p3:*:*:*:*:*:*",
"matchCriteriaId": "438FCE7F-035A-4D89-96FE-EE5278C85493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p4:*:*:*:*:*:*",
"matchCriteriaId": "80900F2C-7CFA-4C40-A6B5-51E12C3DA187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p5:*:*:*:*:*:*",
"matchCriteriaId": "DDE9A060-1D4D-46E5-A34F-CC4CFA260D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p6:*:*:*:*:*:*",
"matchCriteriaId": "33F900E6-AE47-4789-A337-70C6BEF22895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p7:*:*:*:*:*:*",
"matchCriteriaId": "AD2E5054-2151-414D-A88F-6697FF280D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:-:*:*:*:*:*:*",
"matchCriteriaId": "3EB09361-372E-4F51-B255-C7D2DB41969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p1:*:*:*:*:*:*",
"matchCriteriaId": "A36D6991-3728-4F60-A443-37652DFAA053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p10:*:*:*:*:*:*",
"matchCriteriaId": "4142CC4E-9F0D-4017-8D17-D59FBCEB36F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p11:*:*:*:*:*:*",
"matchCriteriaId": "63C0F7CA-5F3C-41D4-AAD6-084643115D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p12:*:*:*:*:*:*",
"matchCriteriaId": "1D16C66D-15BF-4EB8-8D78-DF12A69BD7F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p13:*:*:*:*:*:*",
"matchCriteriaId": "81C388DC-0941-4D08-8C1C-BD43D9B0DC8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p14:*:*:*:*:*:*",
"matchCriteriaId": "45CD14D8-665A-46C5-8387-33FF266822A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p15:*:*:*:*:*:*",
"matchCriteriaId": "D510329D-B39E-4E2B-AAEC-1FDA7869C9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p16:*:*:*:*:*:*",
"matchCriteriaId": "4640FE06-4D22-442E-A0E0-76EEFAF6ECB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p17:*:*:*:*:*:*",
"matchCriteriaId": "6A846C69-CA94-4F5E-9E02-69EA6680549E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p2:*:*:*:*:*:*",
"matchCriteriaId": "F3E63ECF-25CB-4E7F-BF51-B4D7B3541AE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p3:*:*:*:*:*:*",
"matchCriteriaId": "FF14DD4F-6779-4B17-AB1B-D4DE58E7E231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p4:*:*:*:*:*:*",
"matchCriteriaId": "7AAEE176-631A-41B9-BC40-93F866DA9D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p5:*:*:*:*:*:*",
"matchCriteriaId": "75C963D5-F2D1-49EE-93B5-CA7FE7EAB98C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p6:*:*:*:*:*:*",
"matchCriteriaId": "9388D932-9818-4A68-9543-B0643166DB2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p7:*:*:*:*:*:*",
"matchCriteriaId": "770A9287-C910-4690-9402-0C0B7BAC8912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p8:*:*:*:*:*:*",
"matchCriteriaId": "3F8AC068-D5AC-4042-8A7C-5B95EA0E85F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p9:*:*:*:*:*:*",
"matchCriteriaId": "B503F1F7-F439-420D-B465-9A51CCECAB06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27948B08-C452-41FB-B41F-6ADB3AAE087E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB8FB4C-5BBC-420D-84F0-C8424DC25CD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF1F14C-DB2C-40A8-B899-C127C7ECC0D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E87FA9CC-D201-430F-8FE6-8C9A88CEAB1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_provisioning:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7F2743-71BB-4011-B919-7E8032B6B72F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:kvm:*:*:*",
"matchCriteriaId": "3738FAC6-B90B-4014-9E86-17ED6D19D23D",
"versionEndExcluding": "1.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:openflow:*:*:*",
"matchCriteriaId": "35B6634E-4F09-423C-87E7-59D4127CC023",
"versionEndExcluding": "1.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:vmware:*:*:*",
"matchCriteriaId": "0A7A7100-A1DA-4191-A4C1-D930829A3DC2",
"versionEndExcluding": "1.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:starter_kit_for_cloud:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83739ED7-37F1-4712-8C81-E56F58790240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:workload_deployer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CDD227E-1F98-4F73-BB65-3820F39127F0",
"versionEndIncluding": "3.1.0.7",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "250AF7A4-8DDF-427C-8BF7-788667908D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22433CE0-9772-48CE-8069-612FF3732C21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2569AA28-5C61-4BBD-A501-E1ACFA36837B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB188A2-D7CE-4141-A55A-C074C84E366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4E5283-0FEE-4F37-9C41-FA695063FF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "73EB6121-62CD-49FC-A1D2-5467B007253C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CB18F38-AC6A-406A-A4DD-40688B803744",
"versionEndExcluding": "1.4.3.5",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE781C8-40F7-4F6D-8FED-8EB3071FE9DB",
"versionEndExcluding": "1.5.0.4",
"versionStartIncluding": "1.5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5AB3395-B458-49F8-A8E3-25FF0C1C3BD3",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1EC57FAE-AD4D-4C9F-97A4-581C977B5FE4",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47A17EE0-7D3E-4CD7-984C-BB17BF6F4BFD",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33A46CF2-392A-4BB9-B4BF-DE8C5228CAAE",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4EF774-BD92-444D-9583-25DB97CDA4F3",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8753BBDB-A858-4A51-A8FD-8DF8DF2734A0",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FB9850A-3308-4277-A68C-AD418612101E",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C84D7A48-6745-49D3-AE52-31DD7EEC0D61",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A1A3A3E-5636-4422-9B7B-B3D97989E674",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7384B993-049F-48D7-86D6-FE221C783245",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1DF6129-9CEA-4812-800F-A6FD5095D60E",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79788A89-4152-4B4B-BFF0-518D90EE4D2B",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "680738C5-63D5-4F60-9610-FD0D87FCBBCA",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "872E2102-6BE6-42B6-93B0-942B7DABCBDA",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flex_system_v7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACA26CF-7C3F-4215-B032-ED9C5EFD57D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E31991-DF33-4F00-8430-7B626E8174CE",
"versionEndExcluding": "7.1.0.11",
"versionStartIncluding": "1.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E25BB0-6F5A-4A7B-9147-D4E17014C747",
"versionEndExcluding": "7.2.0.9",
"versionStartIncluding": "7.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B80C1675-4948-45DC-B593-EDB1354E42F3",
"versionEndExcluding": "7.3.0.7",
"versionStartIncluding": "7.3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE69F8D-5EEE-4BC7-939C-CE71BCD2E11D",
"versionEndExcluding": "3.8.0.07",
"versionStartIncluding": "3.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDEC166F-A967-4616-B9EF-503054EFD197",
"versionEndExcluding": "3.9.1.08",
"versionStartIncluding": "3.9.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713E71BC-16F5-41E3-9816-74D5E8D8C9A9",
"versionEndExcluding": "4.1.2.06",
"versionStartIncluding": "4.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:stn6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2487E0-046C-476F-BFF4-EF77D9E856D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0287F3CD-2151-491D-8BC3-6D3921BE8FFA",
"versionEndExcluding": "3.8.0.07",
"versionStartIncluding": "3.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4179899-87B4-42C3-8245-9A34EC04F6A1",
"versionEndExcluding": "3.9.1.08",
"versionStartIncluding": "3.9.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8CED766-9742-4037-8005-F0BDDE9176DD",
"versionEndExcluding": "4.1.2.06",
"versionStartIncluding": "4.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:stn6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41EEAEC-08AE-4478-8977-5A4D7B48C175",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "298C961D-5E5F-4277-B192-A4C29243BECC",
"versionEndExcluding": "3.8.0.07",
"versionStartIncluding": "3.8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A76C40-BA90-4FBD-8DFF-4AF8F952963A",
"versionEndExcluding": "3.9.1.08",
"versionStartIncluding": "3.9.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0663FBC-01C0-4AD8-A0B8-6097E537D352",
"versionEndExcluding": "4.1.2.06",
"versionStartIncluding": "4.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:stn7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE145DE3-3C9B-4949-B6D4-9B259372CCE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0ABC25E5-76CD-469B-879A-B1F7109D0181",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11:*:*:*:*:*:*:*",
"matchCriteriaId": "98942F6C-330F-459A-B2B4-72572DB4070E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F5A92B0C-7256-45F0-8E0C-ADFEF36CF43D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8C0BAB94-6521-4B57-9E56-A57BA5E20C24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3A7788E5-93B9-4149-8823-2ACBA5CF17E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:open_enterprise_server:2.0:sp3:*:*:*:linux_kernel:*:*",
"matchCriteriaId": "B41B4ECD-6F30-46F5-A559-1CEFC7964873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:open_enterprise_server:11.0:sp2:*:*:*:linux_kernel:*:*",
"matchCriteriaId": "D42ADCD9-1455-401C-B94F-D367A78A2B97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:security_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2853A787-E5F1-4455-9482-7C538B80556C",
"versionEndExcluding": "r77.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E910D60-1145-4229-9890-80D2D67C3845",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48BBEF73-E87D-467F-85EB-47BE212DF0E8",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE23220D-E364-41B7-A440-43B3AA4A716A",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C483253F-841E-4D4E-9B4A-932E9D07268B",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "667D3780-3949-41AC-83DE-5BCB8B36C382",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F0E7766-BDB4-42AB-B6CC-6B4E86A10038",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06BA93C0-A7AE-4A8E-BD74-08149A204463",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E0D8F52-0EAD-4E02-A8D8-CBAE2CDC703B",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D61BF2-69D8-4AD2-85CD-D87F640A6888",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9A06D61-E6CB-4A8A-B06D-9FEA1812C167",
"versionEndIncluding": "11.5.1",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0B4C01-C71E-4E35-B63A-68395984E033",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9828CBA5-BB72-46E2-987D-633A5B3E2AFF",
"versionEndIncluding": "11.4.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4",
"versionEndIncluding": "10.2.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC24B891-6DBA-4C02-B4CF-8D1CA53B4B74",
"versionEndIncluding": "4.4.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BB0FDAC-C49D-4E63-ACA9-7BAD7C93A5D2",
"versionEndIncluding": "4.4.0",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AEB1FC5-1179-4DE9-99A2-D650167A7A60",
"versionEndIncluding": "4.4.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0ADD1B04-9F78-40B3-8314-6935277073B0",
"versionEndIncluding": "2.3.0",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "482E630B-93A1-4B9B-8273-821C116ADC4F",
"versionEndIncluding": "3.1.1",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1343FBDC-4BF0-403B-B257-96672F092263",
"versionEndIncluding": "4.0.5",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7C138527-73D3-4AEE-BFAB-1D240A585A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F2EB3D6-EF4C-4241-A31E-3990664004A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0CD8F8-26CE-43F0-87EB-A08F1D1EDB25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D1168D2-93D5-4415-A666-B4BE0B2AC201",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:f5:arx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48A2FBA9-207F-4F16-932D-BF0BA3440503",
"versionEndIncluding": "6.4.0",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:f5:arx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C6AC80F-9D91-468D-BEE3-6A0759723673",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF1DB4B7-AFCC-4D56-95BA-C66AB7A36680",
"versionEndExcluding": "9.3.67.5r1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "665EF643-3CDC-4518-9693-0D49F0870283",
"versionEndExcluding": "10.1.129.11r1",
"versionStartIncluding": "10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAE3CC45-49E5-40DE-B5C3-52A754A9C599",
"versionEndExcluding": "10.5.52.11r1",
"versionStartIncluding": "10.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:netscaler_sdx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8968E39A-1E16-4B7F-A16A-190EBC20D04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "864B5480-704F-4636-A938-7D95AD4223AD",
"versionEndExcluding": "10.10.0",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "35D34345-0AD1-499C-9A74-982B2D3F305A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "3DF3F07E-6F4E-4B97-B313-7DA3E8A88451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "5C98B0EA-7A52-4BDF-90C2-38797FC2B75A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FECF06B5-3915-48F0-A140-41C7A27EE99D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_1:*:*:*:*:*:*",
"matchCriteriaId": "BBD8B161-0A07-492F-89E4-7A0BD02F6464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_2:*:*:*:*:*:*",
"matchCriteriaId": "F3E8E0E1-FF63-425D-8C22-86B16CFB7B1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:-:*:*:*:*:*:*",
"matchCriteriaId": "29DF8DD7-B5CC-4152-A726-1D48459068D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:update_1:*:*:*:*:*:*",
"matchCriteriaId": "DB2E2AAD-E221-4227-A41B-DC01BFDFCD6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\" NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix."
},
{
"lang": "es",
"value": "GNU Bash hasta la versi\u00f3n 4.3 procesa cadenas finales despu\u00e9s de las definiciones de funciones en los valores de variables de entorno, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un entorno manipulado, tal como se ha demostrado por vectores que involucran la caracter\u00edstica ForceCommand en sshd OpenSSH, los m\u00f3dulos mod_cgi y mod_cgid en el Apache HTTP Server, scripts ejecutados por clientes DHCP no especificados, y otras situaciones en las cuales el ajuste de entorno ocurre a trav\u00e9s de un l\u00edmite privilegiado de la ejecuci\u00f3n de Bash, tambi\u00e9n conocido como \"ShellShock.\" NOTA: la reparaci\u00f3n original para este problema era incorrecta; CVE-2014-7169 ha sido asignada para cubrir la vulnerabilidad que todav\u00eda est\u00e1 presente despu\u00e9s de la soluci\u00f3n incorrecta."
}
],
"id": "CVE-2014-6271",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2014-09-24T18:48:04.477",
"references": [
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2014-0388.html"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58200"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59272"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59737"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59907"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60024"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60034"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60044"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60055"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60063"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60193"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60325"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60433"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60947"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61065"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61128"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61129"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61188"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61283"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61287"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61291"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61312"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61313"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61328"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61442"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61471"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61485"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61503"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61542"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61547"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61550"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61552"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61565"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61603"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61633"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61641"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61643"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61654"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61676"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61700"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61703"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61711"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61715"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61780"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61816"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61855"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61857"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61873"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/62228"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/62312"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/62343"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT6495"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-3032"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/70103"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2362-1"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://access.redhat.com/articles/1200223"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://access.redhat.com/node/1200223"
},
{
"source": "security@debian.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX200217"
},
{
"source": "security@debian.org",
"tags": [
"Permissions Required"
],
"url": "https://support.citrix.com/article/CTX200223"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"source": "security@debian.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/37816/"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/38849/"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/39918/"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40619/"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40938/"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42938/"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/support/shellshock/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2014-0388.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60044"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60063"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61128"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61287"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61328"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61442"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61485"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61547"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61552"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61641"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61643"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61654"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61676"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61700"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61715"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61873"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/62228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/62312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/62343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT6495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-3032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/70103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2362-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://access.redhat.com/articles/1200223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://access.redhat.com/node/1200223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX200217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://support.citrix.com/article/CTX200223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/37816/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/38849/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/39918/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40619/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40938/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42938/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/support/shellshock/"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-01 20:59
Modified
2025-04-20 01:37
Severity ?
Summary
IBM Security Access Manager for Web could allow an authenticated attacker to obtain sensitive information from error message using a specially crafted HTTP request.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5B6BD9-C0DF-4359-A6C1-F66E24912800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F18D4AF-43DE-42A0-898E-50FBA7ADDDDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "847598BF-977A-4592-A6A1-2C7F04F29FDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "250AF7A4-8DDF-427C-8BF7-788667908D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76136DDE-1530-482B-9E32-3EA2496FDFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CBEA0D7-FBD0-4C7D-AB8F-73018359996A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CCECD9C-D506-4AEA-AE59-49A81E2D7020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB6511D-5B6C-4BBB-8DEF-C37026398D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22433CE0-9772-48CE-8069-612FF3732C21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2569AA28-5C61-4BBD-A501-E1ACFA36837B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB188A2-D7CE-4141-A55A-C074C84E366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4E5283-0FEE-4F37-9C41-FA695063FF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "73EB6121-62CD-49FC-A1D2-5467B007253C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A91ADDFE-9362-4D7E-B623-D662D81382E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C8E0F31E-EB32-4442-91BE-95A9625F308F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "701D729E-A817-4525-ADD9-EC810326B9E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E5883F2E-83F4-4630-813B-21E533BA2CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FB9953-91A1-47BB-B6BF-088FA75BEBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7B0192-465A-48EF-8B51-FC6BC6EC464A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3E40F5AD-E090-4D0B-A580-D794F60215DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5BD4D1-DD9B-4845-AF17-9B813C748D1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0D27CF-70BF-4C72-A963-310272D8EBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73E4F0CD-26DF-4975-8F40-ECB8E03A08C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE6F2A0-BD38-4853-A8FB-299A341FA0B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D0122CE6-44D9-4A5F-8DD4-B1F7F229FDFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C6294A-7243-499D-8371-F000BEB7CF2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7844D23-8DAB-4A9A-B0D4-734DF8FBFE02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web could allow an authenticated attacker to obtain sensitive information from error message using a specially crafted HTTP request."
},
{
"lang": "es",
"value": "IBM Security Access Manager para Web podr\u00eda permitir a un atacante autenticado obtener informaci\u00f3n sensible de un mensaje de error utilizando una petici\u00f3n HTTP especialmente manipulada."
}
],
"id": "CVE-2016-3021",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-01T20:59:00.520",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995436"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/96114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/96114"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-04-01 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
The Multicast DNS (mDNS) responder in IBM Security Access Manager for Web 7.x before 7.0.0 FP12 and 8.x before 8.0.1 FP1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www-01.ibm.com/support/docview.wss?uid=swg1IV70911 | ||
| psirt@us.ibm.com | http://www-01.ibm.com/support/docview.wss?uid=swg1IV70913 | ||
| psirt@us.ibm.com | http://www-01.ibm.com/support/docview.wss?uid=swg21699497 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | http://www.kb.cert.org/vuls/id/550620 | Third Party Advisory, US Government Resource | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/73683 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg1IV70911 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg1IV70913 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21699497 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/550620 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/73683 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | security_access_manager_for_web_7.0_firmware | * | |
| ibm | security_access_manager_for_web_8.0_firmware | 8.0.0.1 | |
| ibm | security_access_manager_for_web_8.0_firmware | 8.0.0.2 | |
| ibm | security_access_manager_for_web_8.0_firmware | 8.0.0.3 | |
| ibm | security_access_manager_for_web_8.0_firmware | 8.0.0.4 | |
| ibm | security_access_manager_for_web_8.0_firmware | 8.0.0.5 | |
| ibm | security_access_manager_for_web_8.0_firmware | 8.0.1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91E58642-AE2A-40BA-93B3-4851452104F6",
"versionEndIncluding": "7.0.0.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0D27CF-70BF-4C72-A963-310272D8EBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0EE7B275-7B8D-45F9-86A5-8F4A4484F2B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73E4F0CD-26DF-4975-8F40-ECB8E03A08C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Multicast DNS (mDNS) responder in IBM Security Access Manager for Web 7.x before 7.0.0 FP12 and 8.x before 8.0.1 FP1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets."
},
{
"lang": "es",
"value": "El contestador Multicast DNS (mDNS) en IBM Security Access Manager for Web 7.x anterior a 7.0.0 FP12 y 8.x anterior a 8.0.1 FP1 responde inadvertidamente a consultas unicast con direcciones de fuentes que no son enlazadas locales, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (amplificaci\u00f3n de trafico) u obtener informaci\u00f3n potencialmente sensible a trav\u00e9s de paquetes UDP del puerto 5353."
}
],
"id": "CVE-2015-1892",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-01T02:00:32.220",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70911"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70913"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699497"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/550620"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/73683"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699497"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/550620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/73683"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-01 20:59
Modified
2025-04-20 01:37
Severity ?
Summary
IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML data by the XML parser. A remote attacker could exploit this vulnerability to read arbitrary files on the system or cause a denial of service.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg21995531 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/95295 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | http://www.securitytracker.com/id/1038506 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg21995531 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95295 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038506 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5B6BD9-C0DF-4359-A6C1-F66E24912800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F18D4AF-43DE-42A0-898E-50FBA7ADDDDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "847598BF-977A-4592-A6A1-2C7F04F29FDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "250AF7A4-8DDF-427C-8BF7-788667908D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76136DDE-1530-482B-9E32-3EA2496FDFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CBEA0D7-FBD0-4C7D-AB8F-73018359996A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CCECD9C-D506-4AEA-AE59-49A81E2D7020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB6511D-5B6C-4BBB-8DEF-C37026398D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0D27CF-70BF-4C72-A963-310272D8EBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73E4F0CD-26DF-4975-8F40-ECB8E03A08C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE6F2A0-BD38-4853-A8FB-299A341FA0B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D0122CE6-44D9-4A5F-8DD4-B1F7F229FDFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C6294A-7243-499D-8371-F000BEB7CF2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML data by the XML parser. A remote attacker could exploit this vulnerability to read arbitrary files on the system or cause a denial of service."
},
{
"lang": "es",
"value": "IBM Single Sign On para Bluemix podr\u00edan permitir a un atacante remoto obtener informaci\u00f3n sensible, provocado por un error de entidad externa XML (XXE) al procesar datos XML por el analizador XML. Un atacante remoto podr\u00eda explotar esta vulnerabilidad para leer archivos arbitrarios del sistema o provocar una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2016-2908",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-01T20:59:00.300",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995531"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95295"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id/1038506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95295"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038506"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-02-15 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
The SSH implementation on IBM Security Access Manager for Web appliances 7.0 before 7.0.0 FP19, 8.0 before 8.0.1.3 IF3, and 9.0 before 9.0.0.0 IF1 does not properly restrict the set of MAC algorithms, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5B6BD9-C0DF-4359-A6C1-F66E24912800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22433CE0-9772-48CE-8069-612FF3732C21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2569AA28-5C61-4BBD-A501-E1ACFA36837B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB188A2-D7CE-4141-A55A-C074C84E366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4E5283-0FEE-4F37-9C41-FA695063FF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "73EB6121-62CD-49FC-A1D2-5467B007253C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A91ADDFE-9362-4D7E-B623-D662D81382E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C8E0F31E-EB32-4442-91BE-95A9625F308F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "701D729E-A817-4525-ADD9-EC810326B9E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E5883F2E-83F4-4630-813B-21E533BA2CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FB9953-91A1-47BB-B6BF-088FA75BEBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7B0192-465A-48EF-8B51-FC6BC6EC464A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3E40F5AD-E090-4D0B-A580-D794F60215DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5BD4D1-DD9B-4845-AF17-9B813C748D1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "7E463425-45EA-4A7B-B034-694DBB944A51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "3135C99C-2BFD-42B5-8AF0-EC8420C91B3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0D27CF-70BF-4C72-A963-310272D8EBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D331E67E-25D3-4C34-8118-49E2A8B29D96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73E4F0CD-26DF-4975-8F40-ECB8E03A08C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE6F2A0-BD38-4853-A8FB-299A341FA0B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SSH implementation on IBM Security Access Manager for Web appliances 7.0 before 7.0.0 FP19, 8.0 before 8.0.1.3 IF3, and 9.0 before 9.0.0.0 IF1 does not properly restrict the set of MAC algorithms, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de SSH en IBM Security Access Manager for Web appliances 7.0 en versiones anteriores a 7.0.0 FP19, 8.0 en versiones anteriores a 8.0.1.3 IF3 y 9.0 en versiones anteriores a 9.0.0.0 IF1 no restringe adecuadamente el conjunto de algoritmos MAC, lo que facilita a atacantes remotos vencer los mecanismos de protecci\u00f3n criptogr\u00e1fica a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-5012",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-02-15T02:59:06.577",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78768"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78780"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21971422"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78768"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21971422"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-01 20:59
Modified
2025-04-20 01:37
Severity ?
Summary
IBM Security Access Manager for Web allows web pages to be stored locally which can be read by another user on the system.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5B6BD9-C0DF-4359-A6C1-F66E24912800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F18D4AF-43DE-42A0-898E-50FBA7ADDDDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "847598BF-977A-4592-A6A1-2C7F04F29FDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "250AF7A4-8DDF-427C-8BF7-788667908D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76136DDE-1530-482B-9E32-3EA2496FDFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CBEA0D7-FBD0-4C7D-AB8F-73018359996A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CCECD9C-D506-4AEA-AE59-49A81E2D7020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB6511D-5B6C-4BBB-8DEF-C37026398D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0D27CF-70BF-4C72-A963-310272D8EBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73E4F0CD-26DF-4975-8F40-ECB8E03A08C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE6F2A0-BD38-4853-A8FB-299A341FA0B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D0122CE6-44D9-4A5F-8DD4-B1F7F229FDFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C6294A-7243-499D-8371-F000BEB7CF2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web allows web pages to be stored locally which can be read by another user on the system."
},
{
"lang": "es",
"value": "IBM Security Access Manager para Web permite que las p\u00e1ginas web se almacenen localmente y que puedan ser le\u00eddas por otro usuario del sistema."
}
],
"id": "CVE-2016-3024",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-01T20:59:00.613",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995340"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/96132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995340"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/96132"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-01 20:59
Modified
2025-04-20 01:37
Severity ?
Summary
IBM Security Access Manager for Web is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements which could allow the attacker to view information in the back-end database.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg21995527 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/95104 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg21995527 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95104 | Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35BD8955-4735-4FDC-906A-B404C4E36417",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6921A2CC-67D0-41B5-908B-F002C14AFD70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B95177-2AA3-45D4-895D-56CA35B32813",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements which could allow the attacker to view information in the back-end database."
},
{
"lang": "es",
"value": "IBM Security Access Manager para Web es vulnerable a la inyecci\u00f3n SQL. Un atacante remoto podr\u00eda enviar sentencias SQL especialmente manipuladas que podr\u00edan permitir al atacante ver informaci\u00f3n en back-end de la base de datos."
}
],
"id": "CVE-2016-3046",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-01T20:59:00.847",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995527"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95104"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-01 20:59
Modified
2025-04-20 01:37
Severity ?
Summary
IBM Security Access Manager for Web could allow an authenticated user to gain access to highly sensitive information due to incorrect file permissions.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg21995360 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/96130 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg21995360 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96130 | Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5B6BD9-C0DF-4359-A6C1-F66E24912800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F18D4AF-43DE-42A0-898E-50FBA7ADDDDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "847598BF-977A-4592-A6A1-2C7F04F29FDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "250AF7A4-8DDF-427C-8BF7-788667908D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76136DDE-1530-482B-9E32-3EA2496FDFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CBEA0D7-FBD0-4C7D-AB8F-73018359996A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CCECD9C-D506-4AEA-AE59-49A81E2D7020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB6511D-5B6C-4BBB-8DEF-C37026398D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22433CE0-9772-48CE-8069-612FF3732C21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2569AA28-5C61-4BBD-A501-E1ACFA36837B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB188A2-D7CE-4141-A55A-C074C84E366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4E5283-0FEE-4F37-9C41-FA695063FF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "73EB6121-62CD-49FC-A1D2-5467B007253C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A91ADDFE-9362-4D7E-B623-D662D81382E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C8E0F31E-EB32-4442-91BE-95A9625F308F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "701D729E-A817-4525-ADD9-EC810326B9E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E5883F2E-83F4-4630-813B-21E533BA2CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FB9953-91A1-47BB-B6BF-088FA75BEBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7B0192-465A-48EF-8B51-FC6BC6EC464A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3E40F5AD-E090-4D0B-A580-D794F60215DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5BD4D1-DD9B-4845-AF17-9B813C748D1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0D27CF-70BF-4C72-A963-310272D8EBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73E4F0CD-26DF-4975-8F40-ECB8E03A08C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE6F2A0-BD38-4853-A8FB-299A341FA0B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D0122CE6-44D9-4A5F-8DD4-B1F7F229FDFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C6294A-7243-499D-8371-F000BEB7CF2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7844D23-8DAB-4A9A-B0D4-734DF8FBFE02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web could allow an authenticated user to gain access to highly sensitive information due to incorrect file permissions."
},
{
"lang": "es",
"value": "IBM Security Access Manager para Web podr\u00eda permitir a un usuario autenticado obtener acceso a informaci\u00f3n altamente sensible debido a permisos de archivos incorrectos."
}
],
"id": "CVE-2016-3022",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-01T20:59:00.550",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995360"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995360"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96130"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-275"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-10 17:29
Modified
2024-11-21 03:21
Severity ?
Summary
IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 128378.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg22012331 | Vendor Advisory | |
| psirt@us.ibm.com | http://www.securitytracker.com/id/1040170 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/128378 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg22012331 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040170 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/128378 | VDB Entry, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35BD8955-4735-4FDC-906A-B404C4E36417",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6921A2CC-67D0-41B5-908B-F002C14AFD70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B95177-2AA3-45D4-895D-56CA35B32813",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 128378."
},
{
"lang": "es",
"value": "IBM Security Access Manager Appliance 8.0.0 y 9.0.0 especifica permisos para un recurso cr\u00edtico para la seguridad de forma que permite que ese recurso sea le\u00eddo o modificado por actores no planeados. IBM X-Force ID: 128378."
}
],
"id": "CVE-2017-1459",
"lastModified": "2024-11-21T03:21:54.620",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-10T17:29:00.750",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22012331"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040170"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22012331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040170"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128378"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-06-21 15:55
Modified
2025-04-12 10:46
Severity ?
Summary
The reverse-proxy feature in IBM Security Access Manager (ISAM) for Web 8.0 with firmware 8.0.0.2 and 8.0.0.3 interprets the jct-nist-compliance parameter in the opposite of the intended manner, which makes it easier for remote attackers to obtain sensitive information by leveraging weak SSL encryption settings that lack NIST SP 800-131A compliance.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | security_access_manager_for_web_8.0_firmware | 8.0.0.2 | |
| ibm | security_access_manager_for_web_8.0_firmware | 8.0.0.3 | |
| ibm | security_access_manager_for_web_appliance | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The reverse-proxy feature in IBM Security Access Manager (ISAM) for Web 8.0 with firmware 8.0.0.2 and 8.0.0.3 interprets the jct-nist-compliance parameter in the opposite of the intended manner, which makes it easier for remote attackers to obtain sensitive information by leveraging weak SSL encryption settings that lack NIST SP 800-131A compliance."
},
{
"lang": "es",
"value": "La funcionalidad de proxy inverso en IBM Security Access Manager (ISAM) for Web 8.0 con firmware 8.0.0.2 y 8.0.0.3 interpreta el par\u00e1metro jct-nist-compliance de la forma opuesta de la intencionada, lo que facilita a atacantes remotos obtener informaci\u00f3n sensible mediante el aprovechamiento de configuraciones de codificaci\u00f3n SSL d\u00e9biles que carecen del cumplimiento NIST SP 800-131A."
}
],
"id": "CVE-2014-3052",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-06-21T15:55:03.807",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61553"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676705"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61553"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93454"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-16"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-16 20:59
Modified
2025-04-20 01:37
Severity ?
Summary
IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM Reference #: 1996868.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A5ACB34-BC23-4175-9F6A-91FB6762A040",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7844D23-8DAB-4A9A-B0D4-734DF8FBFE02",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35BD8955-4735-4FDC-906A-B404C4E36417",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6921A2CC-67D0-41B5-908B-F002C14AFD70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B95177-2AA3-45D4-895D-56CA35B32813",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM Reference #: 1996868."
},
{
"lang": "es",
"value": "IBM Security Access Manager for Web 7.0.0, 8.0.0 y 9.0.0 utiliza algoritmos criptogr\u00e1ficos m\u00e1s d\u00e9biles de lo esperado que podr\u00edan permitir a un atacante descifrar informaci\u00f3n altamente sensible. Referencia de IBM: 1996868."
}
],
"id": "CVE-2016-5919",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-16T20:59:00.130",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996868"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id/1037855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996868"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037855"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-326"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-01 20:59
Modified
2025-04-20 01:37
Severity ?
Summary
IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information due to security misconfigurations.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg21995519 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg21995519 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5B6BD9-C0DF-4359-A6C1-F66E24912800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F18D4AF-43DE-42A0-898E-50FBA7ADDDDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "847598BF-977A-4592-A6A1-2C7F04F29FDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "250AF7A4-8DDF-427C-8BF7-788667908D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76136DDE-1530-482B-9E32-3EA2496FDFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CBEA0D7-FBD0-4C7D-AB8F-73018359996A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CCECD9C-D506-4AEA-AE59-49A81E2D7020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB6511D-5B6C-4BBB-8DEF-C37026398D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22433CE0-9772-48CE-8069-612FF3732C21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2569AA28-5C61-4BBD-A501-E1ACFA36837B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB188A2-D7CE-4141-A55A-C074C84E366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4E5283-0FEE-4F37-9C41-FA695063FF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "73EB6121-62CD-49FC-A1D2-5467B007253C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A91ADDFE-9362-4D7E-B623-D662D81382E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C8E0F31E-EB32-4442-91BE-95A9625F308F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "701D729E-A817-4525-ADD9-EC810326B9E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E5883F2E-83F4-4630-813B-21E533BA2CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FB9953-91A1-47BB-B6BF-088FA75BEBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7B0192-465A-48EF-8B51-FC6BC6EC464A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3E40F5AD-E090-4D0B-A580-D794F60215DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5BD4D1-DD9B-4845-AF17-9B813C748D1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0D27CF-70BF-4C72-A963-310272D8EBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73E4F0CD-26DF-4975-8F40-ECB8E03A08C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE6F2A0-BD38-4853-A8FB-299A341FA0B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D0122CE6-44D9-4A5F-8DD4-B1F7F229FDFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C6294A-7243-499D-8371-F000BEB7CF2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7844D23-8DAB-4A9A-B0D4-734DF8FBFE02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information due to security misconfigurations."
},
{
"lang": "es",
"value": "IBM Security Access Manager para Web podr\u00edan permitir a un atacante remoto obtener informaci\u00f3n sensible debido a errores de configuraci\u00f3n de seguridad."
}
],
"id": "CVE-2016-3017",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-01T20:59:00.457",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995519"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-358"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-03 01:55
Modified
2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the Local Management Interface in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36DBCDA9-E7D5-4DD4-933F-93EE8B954671",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "322E1B80-97BF-407E-AEFC-DD866F81B1CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "842C3B2E-4807-4150-AD45-620ACC88423F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22433CE0-9772-48CE-8069-612FF3732C21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2569AA28-5C61-4BBD-A501-E1ACFA36837B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB188A2-D7CE-4141-A55A-C074C84E366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4E5283-0FEE-4F37-9C41-FA695063FF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "73EB6121-62CD-49FC-A1D2-5467B007253C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7844D23-8DAB-4A9A-B0D4-734DF8FBFE02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0EE7B275-7B8D-45F9-86A5-8F4A4484F2B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Local Management Interface in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en la interfaz de la gesti\u00f3n local en IBM Security Access Manager for Web 7.x anterior a 7.0.0-ISS-WGA-IF0009 y 8.x anterior a 8.0.0-ISS-WGA-FP0005, y Security Access Manager for Mobile 8.x anterior a 8.0.0-ISS-ISAM-FP0005, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de una URL manipulada."
}
],
"id": "CVE-2014-6079",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-10-03T01:55:07.407",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/61278"
},
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/61294"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64910"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64919"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684466"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685244"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/70197"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/70197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95763"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-01 20:59
Modified
2025-04-20 01:37
Severity ?
Summary
IBM Security Access Manager for Web is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5B6BD9-C0DF-4359-A6C1-F66E24912800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F18D4AF-43DE-42A0-898E-50FBA7ADDDDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "847598BF-977A-4592-A6A1-2C7F04F29FDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "250AF7A4-8DDF-427C-8BF7-788667908D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76136DDE-1530-482B-9E32-3EA2496FDFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CBEA0D7-FBD0-4C7D-AB8F-73018359996A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CCECD9C-D506-4AEA-AE59-49A81E2D7020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB6511D-5B6C-4BBB-8DEF-C37026398D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0D27CF-70BF-4C72-A963-310272D8EBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73E4F0CD-26DF-4975-8F40-ECB8E03A08C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE6F2A0-BD38-4853-A8FB-299A341FA0B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D0122CE6-44D9-4A5F-8DD4-B1F7F229FDFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C6294A-7243-499D-8371-F000BEB7CF2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources."
},
{
"lang": "es",
"value": "IBM Security Access Manager para Web es vulnerable a una denegaci\u00f3n de servicio, causada por un error de entidad externa XML (XXE) al procesar datos XML. Un atacante remoto podr\u00eda explotar esta vulnerabilidad para exponer informaci\u00f3n altamente sensible o consumir todos los recursos de memoria disponibles."
}
],
"id": "CVE-2016-3027",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-01T20:59:00.643",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21994440"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/96127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21994440"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/96127"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-03 01:55
Modified
2025-04-12 10:46
Severity ?
Summary
The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject system commands via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "842C3B2E-4807-4150-AD45-620ACC88423F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22433CE0-9772-48CE-8069-612FF3732C21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2569AA28-5C61-4BBD-A501-E1ACFA36837B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB188A2-D7CE-4141-A55A-C074C84E366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4E5283-0FEE-4F37-9C41-FA695063FF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "73EB6121-62CD-49FC-A1D2-5467B007253C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7844D23-8DAB-4A9A-B0D4-734DF8FBFE02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0EE7B275-7B8D-45F9-86A5-8F4A4484F2B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36DBCDA9-E7D5-4DD4-933F-93EE8B954671",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "322E1B80-97BF-407E-AEFC-DD866F81B1CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject system commands via unspecified vectors."
},
{
"lang": "es",
"value": "La consola de administraci\u00f3n en IBM Security Access Manager for Web 7.x anterior a 7.0.0-ISS-WGA-IF0009 y 8.x anterior a 8.0.0-ISS-WGA-FP0005, y Security Access Manager for Mobile 8.x anterior a 8.0.0-ISS-ISAM-FP0005, permite a atacantes remotos inyectar comandos de sistema a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-4823",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-10-03T01:55:07.313",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/61278"
},
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/61294"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64910"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64919"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684466"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95573"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2016-3046 (GCVE-0-2016-3046)
Vulnerability from cvelistv5
Published
2017-02-01 20:00
Modified
2024-08-05 23:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Data Manipulation
Summary
IBM Security Access Manager for Web is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements which could allow the attacker to view information in the back-end database.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Access Manager |
Version: 9.0 Version: 9.0.0.1 Version: 9.0.1 Version: 7.0.0 Version: 8.0.0 Version: 8.0.0.1 Version: 8.0.0.2 Version: 8.0.0.3 Version: 8.0.0.4 Version: 8.0.0.5 Version: 8.0.1 Version: 8.0.1.2 Version: 8.0.1.3 Version: 8.0.1.4 Version: 9.0.0 Version: 9.0.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:15.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95104",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95104"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995527"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Access Manager",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.0.1"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "8.0.0.2"
},
{
"status": "affected",
"version": "8.0.0.3"
},
{
"status": "affected",
"version": "8.0.0.4"
},
{
"status": "affected",
"version": "8.0.0.5"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.1.2"
},
{
"status": "affected",
"version": "8.0.1.3"
},
{
"status": "affected",
"version": "8.0.1.4"
},
{
"status": "affected",
"version": "9.0.0"
},
{
"status": "affected",
"version": "9.0.1.0"
}
]
}
],
"datePublic": "2017-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements which could allow the attacker to view information in the back-end database."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Data Manipulation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-02T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "95104",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95104"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995527"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-3046",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Access Manager",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "9.0.0.1"
},
{
"version_value": "9.0.1"
},
{
"version_value": "7.0.0"
},
{
"version_value": "8.0.0"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.0.1.2"
},
{
"version_value": "8.0.1.3"
},
{
"version_value": "8.0.1.4"
},
{
"version_value": "9.0.0"
},
{
"version_value": "9.0.1.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Access Manager for Web is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements which could allow the attacker to view information in the back-end database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Data Manipulation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95104",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95104"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995527",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995527"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-3046",
"datePublished": "2017-02-01T20:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:15.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-4823 (GCVE-0-2014-4823)
Vulnerability from cvelistv5
Published
2014-10-03 01:00
Modified
2024-08-06 11:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject system commands via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:27:36.880Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684466"
},
{
"name": "ibm-sam-cve20144823-command-injection(95573)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95573"
},
{
"name": "IV64919",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64919"
},
{
"name": "61294",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61294"
},
{
"name": "61278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61278"
},
{
"name": "IV64910",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64910"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject system commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684466"
},
{
"name": "ibm-sam-cve20144823-command-injection(95573)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95573"
},
{
"name": "IV64919",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64919"
},
{
"name": "61294",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61294"
},
{
"name": "61278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61278"
},
{
"name": "IV64910",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64910"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-4823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject system commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21684466",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684466"
},
{
"name": "ibm-sam-cve20144823-command-injection(95573)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95573"
},
{
"name": "IV64919",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64919"
},
{
"name": "61294",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61294"
},
{
"name": "61278",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61278"
},
{
"name": "IV64910",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64910"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-4823",
"datePublished": "2014-10-03T01:00:00",
"dateReserved": "2014-07-09T00:00:00",
"dateUpdated": "2024-08-06T11:27:36.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3024 (GCVE-0-2016-3024)
Vulnerability from cvelistv5
Published
2017-02-01 20:00
Modified
2024-08-05 23:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM Security Access Manager for Web allows web pages to be stored locally which can be read by another user on the system.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Access Manager |
Version: 9.0 Version: 9.0.0.1 Version: 9.0.1 Version: 7.0.0 Version: 8.0.0 Version: 8.0.0.1 Version: 8.0.0.2 Version: 8.0.0.3 Version: 8.0.0.4 Version: 8.0.0.5 Version: 8.0.1 Version: 8.0.1.2 Version: 8.0.1.3 Version: 8.0.1.4 Version: 9.0.0 Version: 9.0.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:15.154Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995340"
},
{
"name": "96132",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96132"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Access Manager",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.0.1"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "8.0.0.2"
},
{
"status": "affected",
"version": "8.0.0.3"
},
{
"status": "affected",
"version": "8.0.0.4"
},
{
"status": "affected",
"version": "8.0.0.5"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.1.2"
},
{
"status": "affected",
"version": "8.0.1.3"
},
{
"status": "affected",
"version": "8.0.1.4"
},
{
"status": "affected",
"version": "9.0.0"
},
{
"status": "affected",
"version": "9.0.1.0"
}
]
}
],
"datePublic": "2017-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web allows web pages to be stored locally which can be read by another user on the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-09T10:57:02",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995340"
},
{
"name": "96132",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96132"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-3024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Access Manager",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "9.0.0.1"
},
{
"version_value": "9.0.1"
},
{
"version_value": "7.0.0"
},
{
"version_value": "8.0.0"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.0.1.2"
},
{
"version_value": "8.0.1.3"
},
{
"version_value": "8.0.1.4"
},
{
"version_value": "9.0.0"
},
{
"version_value": "9.0.1.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Access Manager for Web allows web pages to be stored locally which can be read by another user on the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995340",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995340"
},
{
"name": "96132",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96132"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-3024",
"datePublished": "2017-02-01T20:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:15.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3016 (GCVE-0-2016-3016)
Vulnerability from cvelistv5
Published
2017-02-01 20:00
Modified
2024-08-05 23:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Gain Access
Summary
IBM Security Access Manager for Web processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code, which could allow an authenticated attacker to load malicious code.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Access Manager |
Version: 9.0 Version: 9.0.0.1 Version: 9.0.1 Version: 7.0.0 Version: 8.0.0 Version: 8.0.0.1 Version: 8.0.0.2 Version: 8.0.0.3 Version: 8.0.0.4 Version: 8.0.0.5 Version: 8.0.1 Version: 8.0.1.2 Version: 8.0.1.3 Version: 8.0.1.4 Version: 9.0.0 Version: 9.0.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:14.421Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995518"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Access Manager",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.0.1"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "8.0.0.2"
},
{
"status": "affected",
"version": "8.0.0.3"
},
{
"status": "affected",
"version": "8.0.0.4"
},
{
"status": "affected",
"version": "8.0.0.5"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.1.2"
},
{
"status": "affected",
"version": "8.0.1.3"
},
{
"status": "affected",
"version": "8.0.1.4"
},
{
"status": "affected",
"version": "9.0.0"
},
{
"status": "affected",
"version": "9.0.1.0"
}
]
}
],
"datePublic": "2017-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code, which could allow an authenticated attacker to load malicious code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-01T19:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995518"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-3016",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Access Manager",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "9.0.0.1"
},
{
"version_value": "9.0.1"
},
{
"version_value": "7.0.0"
},
{
"version_value": "8.0.0"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.0.1.2"
},
{
"version_value": "8.0.1.3"
},
{
"version_value": "8.0.1.4"
},
{
"version_value": "9.0.0"
},
{
"version_value": "9.0.1.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Access Manager for Web processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code, which could allow an authenticated attacker to load malicious code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995518",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995518"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-3016",
"datePublished": "2017-02-01T20:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:14.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5018 (GCVE-0-2015-5018)
Vulnerability from cvelistv5
Published
2016-01-02 02:00
Modified
2024-08-06 06:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Access Manager 9.0 before 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface (LMI) access.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:32:32.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "IV78768",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78768"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970510"
},
{
"name": "IV78780",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78780"
},
{
"name": "1034560",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034560"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-12-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Access Manager 9.0 before 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface (LMI) access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T14:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "IV78768",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78768"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970510"
},
{
"name": "IV78780",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78780"
},
{
"name": "1034560",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034560"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-5018",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Access Manager 9.0 before 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface (LMI) access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IV78768",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78768"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21970510",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970510"
},
{
"name": "IV78780",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78780"
},
{
"name": "1034560",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034560"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-5018",
"datePublished": "2016-01-02T02:00:00",
"dateReserved": "2015-06-24T00:00:00",
"dateUpdated": "2024-08-06T06:32:32.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-6079 (GCVE-0-2014-6079)
Vulnerability from cvelistv5
Published
2014-10-03 01:00
Modified
2024-08-06 12:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in the Local Management Interface in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:03:02.325Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684466"
},
{
"name": "70197",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70197"
},
{
"name": "IV64919",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64919"
},
{
"name": "ibm-sam-cve20146079-xss(95763)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95763"
},
{
"name": "61294",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61294"
},
{
"name": "61278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61278"
},
{
"name": "IV64910",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64910"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685244"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Local Management Interface in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684466"
},
{
"name": "70197",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70197"
},
{
"name": "IV64919",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64919"
},
{
"name": "ibm-sam-cve20146079-xss(95763)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95763"
},
{
"name": "61294",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61294"
},
{
"name": "61278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61278"
},
{
"name": "IV64910",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64910"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685244"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-6079",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Local Management Interface in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21684466",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684466"
},
{
"name": "70197",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70197"
},
{
"name": "IV64919",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64919"
},
{
"name": "ibm-sam-cve20146079-xss(95763)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95763"
},
{
"name": "61294",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61294"
},
{
"name": "61278",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61278"
},
{
"name": "IV64910",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64910"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685244",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685244"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-6079",
"datePublished": "2014-10-03T01:00:00",
"dateReserved": "2014-09-02T00:00:00",
"dateUpdated": "2024-08-06T12:03:02.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3052 (GCVE-0-2014-3052)
Vulnerability from cvelistv5
Published
2014-06-21 15:00
Modified
2024-08-06 10:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The reverse-proxy feature in IBM Security Access Manager (ISAM) for Web 8.0 with firmware 8.0.0.2 and 8.0.0.3 interprets the jct-nist-compliance parameter in the opposite of the intended manner, which makes it easier for remote attackers to obtain sensitive information by leveraging weak SSL encryption settings that lack NIST SP 800-131A compliance.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:46.397Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676705"
},
{
"name": "IV61553",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61553"
},
{
"name": "ibm-isam-cve20143052-encryption(93454)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93454"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-06-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The reverse-proxy feature in IBM Security Access Manager (ISAM) for Web 8.0 with firmware 8.0.0.2 and 8.0.0.3 interprets the jct-nist-compliance parameter in the opposite of the intended manner, which makes it easier for remote attackers to obtain sensitive information by leveraging weak SSL encryption settings that lack NIST SP 800-131A compliance."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676705"
},
{
"name": "IV61553",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61553"
},
{
"name": "ibm-isam-cve20143052-encryption(93454)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93454"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-3052",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The reverse-proxy feature in IBM Security Access Manager (ISAM) for Web 8.0 with firmware 8.0.0.2 and 8.0.0.3 interprets the jct-nist-compliance parameter in the opposite of the intended manner, which makes it easier for remote attackers to obtain sensitive information by leveraging weak SSL encryption settings that lack NIST SP 800-131A compliance."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676705",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676705"
},
{
"name": "IV61553",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61553"
},
{
"name": "ibm-isam-cve20143052-encryption(93454)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93454"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-3052",
"datePublished": "2014-06-21T15:00:00",
"dateReserved": "2014-04-29T00:00:00",
"dateUpdated": "2024-08-06T10:28:46.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1892 (GCVE-0-2015-1892)
Vulnerability from cvelistv5
Published
2015-04-01 01:00
Modified
2024-08-06 04:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Multicast DNS (mDNS) responder in IBM Security Access Manager for Web 7.x before 7.0.0 FP12 and 8.x before 8.0.1 FP1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:54:16.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "73683",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73683"
},
{
"name": "VU#550620",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/550620"
},
{
"name": "IV70911",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70911"
},
{
"name": "IV70913",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70913"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699497"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Multicast DNS (mDNS) responder in IBM Security Access Manager for Web 7.x before 7.0.0 FP12 and 8.x before 8.0.1 FP1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-07-22T16:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "73683",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73683"
},
{
"name": "VU#550620",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/550620"
},
{
"name": "IV70911",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70911"
},
{
"name": "IV70913",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70913"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699497"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-1892",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Multicast DNS (mDNS) responder in IBM Security Access Manager for Web 7.x before 7.0.0 FP12 and 8.x before 8.0.1 FP1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "73683",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73683"
},
{
"name": "VU#550620",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/550620"
},
{
"name": "IV70911",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70911"
},
{
"name": "IV70913",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70913"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21699497",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699497"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-1892",
"datePublished": "2015-04-01T01:00:00",
"dateReserved": "2015-02-19T00:00:00",
"dateUpdated": "2024-08-06T04:54:16.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3027 (GCVE-0-2016-3027)
Vulnerability from cvelistv5
Published
2017-02-01 20:00
Modified
2024-08-05 23:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM Security Access Manager for Web is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Access Manager |
Version: 9.0 Version: 9.0.0.1 Version: 9.0.1 Version: 7.0.0 Version: 8.0.0 Version: 8.0.0.1 Version: 8.0.0.2 Version: 8.0.0.3 Version: 8.0.0.4 Version: 8.0.0.5 Version: 8.0.1 Version: 8.0.1.2 Version: 8.0.1.3 Version: 8.0.1.4 Version: 9.0.0 Version: 9.0.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:15.158Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21994440"
},
{
"name": "96127",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96127"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Access Manager",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.0.1"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "8.0.0.2"
},
{
"status": "affected",
"version": "8.0.0.3"
},
{
"status": "affected",
"version": "8.0.0.4"
},
{
"status": "affected",
"version": "8.0.0.5"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.1.2"
},
{
"status": "affected",
"version": "8.0.1.3"
},
{
"status": "affected",
"version": "8.0.1.4"
},
{
"status": "affected",
"version": "9.0.0"
},
{
"status": "affected",
"version": "9.0.1.0"
}
]
}
],
"datePublic": "2017-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-09T10:57:02",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21994440"
},
{
"name": "96127",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96127"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-3027",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Access Manager",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "9.0.0.1"
},
{
"version_value": "9.0.1"
},
{
"version_value": "7.0.0"
},
{
"version_value": "8.0.0"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.0.1.2"
},
{
"version_value": "8.0.1.3"
},
{
"version_value": "8.0.1.4"
},
{
"version_value": "9.0.0"
},
{
"version_value": "9.0.1.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Access Manager for Web is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21994440",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21994440"
},
{
"name": "96127",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96127"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-3027",
"datePublished": "2017-02-01T20:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:15.158Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8531 (GCVE-0-2015-8531)
Vulnerability from cvelistv5
Published
2016-02-15 02:00
Modified
2024-08-06 08:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in IBM Security Access Manager for Web 8.0 before 8.0.1.3 IF4 and 9.0 before 9.0.0.1 IF1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:20:42.431Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "IV80692",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV80692"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974651"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in IBM Security Access Manager for Web 8.0 before 8.0.1.3 IF4 and 9.0 before 9.0.0.1 IF1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-02-15T02:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "IV80692",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV80692"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974651"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-8531",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM Security Access Manager for Web 8.0 before 8.0.1.3 IF4 and 9.0 before 9.0.0.1 IF1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IV80692",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV80692"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21974651",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974651"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-8531",
"datePublished": "2016-02-15T02:00:00",
"dateReserved": "2015-12-08T00:00:00",
"dateUpdated": "2024-08-06T08:20:42.431Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3023 (GCVE-0-2016-3023)
Vulnerability from cvelistv5
Published
2017-02-01 20:00
Modified
2024-08-05 23:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM Security Access Manager for Web could allow an unauthenticated user to gain access to sensitive information by entering invalid file names.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Access Manager |
Version: 9.0 Version: 9.0.0.1 Version: 9.0.1 Version: 7.0.0 Version: 8.0.0 Version: 8.0.0.1 Version: 8.0.0.2 Version: 8.0.0.3 Version: 8.0.0.4 Version: 8.0.0.5 Version: 8.0.1 Version: 8.0.1.2 Version: 8.0.1.3 Version: 8.0.1.4 Version: 9.0.0 Version: 9.0.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:15.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995348"
},
{
"name": "96124",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96124"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Access Manager",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.0.1"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "8.0.0.2"
},
{
"status": "affected",
"version": "8.0.0.3"
},
{
"status": "affected",
"version": "8.0.0.4"
},
{
"status": "affected",
"version": "8.0.0.5"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.1.2"
},
{
"status": "affected",
"version": "8.0.1.3"
},
{
"status": "affected",
"version": "8.0.1.4"
},
{
"status": "affected",
"version": "9.0.0"
},
{
"status": "affected",
"version": "9.0.1.0"
}
]
}
],
"datePublic": "2017-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web could allow an unauthenticated user to gain access to sensitive information by entering invalid file names."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-09T10:57:02",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995348"
},
{
"name": "96124",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96124"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-3023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Access Manager",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "9.0.0.1"
},
{
"version_value": "9.0.1"
},
{
"version_value": "7.0.0"
},
{
"version_value": "8.0.0"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.0.1.2"
},
{
"version_value": "8.0.1.3"
},
{
"version_value": "8.0.1.4"
},
{
"version_value": "9.0.0"
},
{
"version_value": "9.0.1.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Access Manager for Web could allow an unauthenticated user to gain access to sensitive information by entering invalid file names."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995348",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995348"
},
{
"name": "96124",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96124"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-3023",
"datePublished": "2017-02-01T20:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:15.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5010 (GCVE-0-2015-5010)
Vulnerability from cvelistv5
Published
2016-02-15 02:00
Modified
2024-08-06 06:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM Security Access Manager for Web 7.0 before 7.0.0 IF21, 8.0 before 8.0.1.3 IF4, and 9.0 before 9.0.0.1 IF1 does not have a lockout mechanism for invalid login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:32:31.524Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970508"
},
{
"name": "IV80728",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV80728"
},
{
"name": "IV80694",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV80694"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web 7.0 before 7.0.0 IF21, 8.0 before 8.0.1.3 IF4, and 9.0 before 9.0.0.1 IF1 does not have a lockout mechanism for invalid login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-02-15T02:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970508"
},
{
"name": "IV80728",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV80728"
},
{
"name": "IV80694",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV80694"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-5010",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Access Manager for Web 7.0 before 7.0.0 IF21, 8.0 before 8.0.1.3 IF4, and 9.0 before 9.0.0.1 IF1 does not have a lockout mechanism for invalid login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21970508",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970508"
},
{
"name": "IV80728",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV80728"
},
{
"name": "IV80694",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV80694"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-5010",
"datePublished": "2016-02-15T02:00:00",
"dateReserved": "2015-06-24T00:00:00",
"dateUpdated": "2024-08-06T06:32:31.524Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5919 (GCVE-0-2016-5919)
Vulnerability from cvelistv5
Published
2017-02-16 20:00
Modified
2024-08-06 01:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM Reference #: 1996868.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Access Manager |
Version: 9.0 Version: 9.0.0.1 Version: 9.0.1 Version: 7.0.0 Version: 8.0.0 Version: 8.0.0.1 Version: 8.0.0.2 Version: 8.0.0.3 Version: 8.0.0.4 Version: 8.0.0.5 Version: 8.0.1 Version: 8.0.1.2 Version: 8.0.1.3 Version: 8.0.1.4 Version: 9.0.0 Version: 9.0.1.0 Version: 9.0.2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:10.197Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037855",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037855"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996868"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Access Manager",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.0.1"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "8.0.0.2"
},
{
"status": "affected",
"version": "8.0.0.3"
},
{
"status": "affected",
"version": "8.0.0.4"
},
{
"status": "affected",
"version": "8.0.0.5"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.1.2"
},
{
"status": "affected",
"version": "8.0.1.3"
},
{
"status": "affected",
"version": "8.0.1.4"
},
{
"status": "affected",
"version": "9.0.0"
},
{
"status": "affected",
"version": "9.0.1.0"
},
{
"status": "affected",
"version": "9.0.2.0"
}
]
}
],
"datePublic": "2017-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM Reference #: 1996868."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-24T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "1037855",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037855"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996868"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-5919",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Access Manager",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "9.0.0.1"
},
{
"version_value": "9.0.1"
},
{
"version_value": "7.0.0"
},
{
"version_value": "8.0.0"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.0.1.2"
},
{
"version_value": "8.0.1.3"
},
{
"version_value": "8.0.1.4"
},
{
"version_value": "9.0.0"
},
{
"version_value": "9.0.1.0"
},
{
"version_value": "9.0.2.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM Reference #: 1996868."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037855",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037855"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21996868",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996868"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-5919",
"datePublished": "2017-02-16T20:00:00",
"dateReserved": "2016-06-29T00:00:00",
"dateUpdated": "2024-08-06T01:15:10.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-6271 (GCVE-0-2014-6271)
Vulnerability from cvelistv5
Published
2014-09-24 18:00
Modified
2025-07-30 01:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:10:13.276Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "37816",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/37816/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"name": "SUSE-SU-2014:1223",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"name": "HPSBMU03165",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"name": "SSRT101816",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"name": "39918",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/39918/"
},
{
"name": "HPSBHF03119",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"name": "RHSA-2014:1295",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
},
{
"name": "openSUSE-SU-2014:1226",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"name": "HPSBST03131",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"name": "SSRT101819",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"name": "HPSBMU03245",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"name": "HPSBST03196",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"name": "61188",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61188"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"name": "JVN#55667175",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"name": "61676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61676"
},
{
"name": "40619",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40619/"
},
{
"name": "openSUSE-SU-2014:1254",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"name": "60433",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60433"
},
{
"name": "38849",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/38849/"
},
{
"name": "HPSBMU03143",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"name": "HPSBMU03182",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
},
{
"name": "SUSE-SU-2014:1260",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
},
{
"name": "HPSBST03155",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"name": "61715",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61715"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"name": "61816",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61816"
},
{
"name": "openSUSE-SU-2014:1310",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"name": "61442",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61442"
},
{
"name": "HPSBMU03246",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"name": "HPSBST03195",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"name": "61283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61283"
},
{
"name": "SSRT101711",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"name": "USN-2362-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2362-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"name": "openSUSE-SU-2014:1308",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"name": "61654",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61654"
},
{
"name": "61542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61542"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"name": "62312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62312"
},
{
"name": "59272",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59272"
},
{
"name": "HPSBST03122",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"name": "HPSBMU03217",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"name": "SSRT101868",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61703",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61703"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT6495"
},
{
"name": "VU#252743",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"name": "61065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61065"
},
{
"name": "SUSE-SU-2014:1213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
},
{
"name": "HPSBST03129",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"name": "HPSBMU03144",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"name": "70103",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70103"
},
{
"name": "JVNDB-2014-000126",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"name": "SSRT101827",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "TA14-268A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"name": "SUSE-SU-2014:1212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
},
{
"name": "61641",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61641"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/node/1200223"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
},
{
"name": "SUSE-SU-2014:1287",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"name": "APPLE-SA-2014-10-16-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"name": "MDVSA-2015:164",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"name": "RHSA-2014:1293",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"name": "openSUSE-SU-2014:1238",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
},
{
"name": "HPSBMU03220",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "60325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "60024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60024"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"name": "34879",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/articles/1200223"
},
{
"name": "62343",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62343"
},
{
"name": "61565",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61565"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.suse.com/support/shellshock/"
},
{
"name": "HPSBST03157",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"name": "61313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61313"
},
{
"name": "SSRT101742",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "61873",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61873"
},
{
"name": "61485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61485"
},
{
"name": "60947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60947"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"name": "HPSBST03154",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"name": "HPSBST03265",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"name": "HPSBGN03142",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"name": "61312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61312"
},
{
"name": "60193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60193"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
},
{
"name": "60063",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60063"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
},
{
"name": "60034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60034"
},
{
"name": "HPSBMU03133",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"name": "59907",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59907"
},
{
"name": "58200",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58200"
},
{
"name": "HPSBST03181",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"name": "61643",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61643"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"name": "61503",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61503"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"name": "RHSA-2014:1354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"name": "40938",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40938/"
},
{
"name": "HPSBGN03117",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"name": "61547",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61547"
},
{
"name": "HPSBHF03145",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"name": "HPSBST03148",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"name": "61552",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61552"
},
{
"name": "61780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61780"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX200223"
},
{
"name": "DSA-3032",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3032"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"name": "62228",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62228"
},
{
"name": "HPSBGN03138",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"name": "61855",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61855"
},
{
"name": "HPSBHF03124",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"name": "60044",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60044"
},
{
"name": "61291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61291"
},
{
"name": "RHSA-2014:1294",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
},
{
"name": "HPSBHF03125",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"name": "59737",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59737"
},
{
"name": "61287",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61287"
},
{
"name": "HPSBHF03146",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"name": "HPSBGN03233",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
},
{
"name": "SSRT101739",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61711",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61711"
},
{
"name": "HPSBOV03228",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"name": "HPSBGN03141",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0388.html"
},
{
"name": "61128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61128"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX200217"
},
{
"name": "61471",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61471"
},
{
"name": "60055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60055"
},
{
"name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"name": "61550",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61550"
},
{
"name": "61633",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61633"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"name": "61328",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61328"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"name": "42938",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42938/"
},
{
"name": "61129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61129"
},
{
"name": "61700",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61700"
},
{
"name": "61603",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61603"
},
{
"name": "61857",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61857"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2014-6271",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T13:45:49.549420Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-01-28",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-6271"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:46:49.578Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2022-01-28T00:00:00+00:00",
"value": "CVE-2014-6271 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\" NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-05T16:37:05.000Z",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "37816",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/37816/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"name": "SUSE-SU-2014:1223",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"name": "HPSBMU03165",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"name": "SSRT101816",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"name": "39918",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/39918/"
},
{
"name": "HPSBHF03119",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"name": "RHSA-2014:1295",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
},
{
"name": "openSUSE-SU-2014:1226",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"name": "HPSBST03131",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"name": "SSRT101819",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"name": "HPSBMU03245",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"name": "HPSBST03196",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"name": "61188",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61188"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"name": "JVN#55667175",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"name": "61676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61676"
},
{
"name": "40619",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40619/"
},
{
"name": "openSUSE-SU-2014:1254",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"name": "60433",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60433"
},
{
"name": "38849",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/38849/"
},
{
"name": "HPSBMU03143",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"name": "HPSBMU03182",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
},
{
"name": "SUSE-SU-2014:1260",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
},
{
"name": "HPSBST03155",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"name": "61715",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61715"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"name": "61816",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61816"
},
{
"name": "openSUSE-SU-2014:1310",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"name": "61442",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61442"
},
{
"name": "HPSBMU03246",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"name": "HPSBST03195",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"name": "61283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61283"
},
{
"name": "SSRT101711",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"name": "USN-2362-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2362-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"name": "openSUSE-SU-2014:1308",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"name": "61654",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61654"
},
{
"name": "61542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61542"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"name": "62312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62312"
},
{
"name": "59272",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59272"
},
{
"name": "HPSBST03122",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"name": "HPSBMU03217",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"name": "SSRT101868",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61703",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61703"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT6495"
},
{
"name": "VU#252743",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"name": "61065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61065"
},
{
"name": "SUSE-SU-2014:1213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
},
{
"name": "HPSBST03129",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"name": "HPSBMU03144",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"name": "70103",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70103"
},
{
"name": "JVNDB-2014-000126",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"name": "SSRT101827",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "TA14-268A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"name": "SUSE-SU-2014:1212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
},
{
"name": "61641",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61641"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/node/1200223"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
},
{
"name": "SUSE-SU-2014:1287",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"name": "APPLE-SA-2014-10-16-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"name": "MDVSA-2015:164",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"name": "RHSA-2014:1293",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"name": "openSUSE-SU-2014:1238",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
},
{
"name": "HPSBMU03220",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "60325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "60024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60024"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"name": "34879",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/articles/1200223"
},
{
"name": "62343",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62343"
},
{
"name": "61565",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61565"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.suse.com/support/shellshock/"
},
{
"name": "HPSBST03157",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"name": "61313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61313"
},
{
"name": "SSRT101742",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "61873",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61873"
},
{
"name": "61485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61485"
},
{
"name": "60947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60947"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"name": "HPSBST03154",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"name": "HPSBST03265",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"name": "HPSBGN03142",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"name": "61312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61312"
},
{
"name": "60193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60193"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
},
{
"name": "60063",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60063"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
},
{
"name": "60034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60034"
},
{
"name": "HPSBMU03133",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"name": "59907",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59907"
},
{
"name": "58200",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58200"
},
{
"name": "HPSBST03181",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"name": "61643",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61643"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"name": "61503",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61503"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"name": "RHSA-2014:1354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"name": "40938",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40938/"
},
{
"name": "HPSBGN03117",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"name": "61547",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61547"
},
{
"name": "HPSBHF03145",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"name": "HPSBST03148",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"name": "61552",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61552"
},
{
"name": "61780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61780"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX200223"
},
{
"name": "DSA-3032",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3032"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"name": "62228",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62228"
},
{
"name": "HPSBGN03138",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"name": "61855",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61855"
},
{
"name": "HPSBHF03124",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"name": "60044",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60044"
},
{
"name": "61291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61291"
},
{
"name": "RHSA-2014:1294",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
},
{
"name": "HPSBHF03125",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"name": "59737",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59737"
},
{
"name": "61287",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61287"
},
{
"name": "HPSBHF03146",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"name": "HPSBGN03233",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
},
{
"name": "SSRT101739",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61711",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61711"
},
{
"name": "HPSBOV03228",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"name": "HPSBGN03141",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0388.html"
},
{
"name": "61128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61128"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX200217"
},
{
"name": "61471",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61471"
},
{
"name": "60055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60055"
},
{
"name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"name": "61550",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61550"
},
{
"name": "61633",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61633"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"name": "61328",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61328"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"name": "42938",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42938/"
},
{
"name": "61129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61129"
},
{
"name": "61700",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61700"
},
{
"name": "61603",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61603"
},
{
"name": "61857",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61857"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2014-6271",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\" NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37816",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37816/"
},
{
"name": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"name": "SUSE-SU-2014:1223",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"name": "HPSBMU03165",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"name": "SSRT101816",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"name": "39918",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39918/"
},
{
"name": "HPSBHF03119",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"name": "RHSA-2014:1295",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
},
{
"name": "openSUSE-SU-2014:1226",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
},
{
"name": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/",
"refsource": "CONFIRM",
"url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
},
{
"name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts",
"refsource": "CONFIRM",
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"name": "HPSBST03131",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"name": "SSRT101819",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"name": "HPSBMU03245",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"name": "HPSBST03196",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
},
{
"name": "61188",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61188"
},
{
"name": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"name": "JVN#55667175",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"name": "61676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61676"
},
{
"name": "40619",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40619/"
},
{
"name": "openSUSE-SU-2014:1254",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"name": "60433",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60433"
},
{
"name": "38849",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/38849/"
},
{
"name": "HPSBMU03143",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"name": "HPSBMU03182",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
},
{
"name": "SUSE-SU-2014:1260",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
},
{
"name": "HPSBST03155",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"name": "61715",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61715"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"name": "61816",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61816"
},
{
"name": "openSUSE-SU-2014:1310",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"name": "61442",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61442"
},
{
"name": "HPSBMU03246",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"name": "HPSBST03195",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"name": "61283",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61283"
},
{
"name": "SSRT101711",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"name": "USN-2362-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2362-1"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"name": "openSUSE-SU-2014:1308",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"name": "61654",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61654"
},
{
"name": "61542",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61542"
},
{
"name": "http://www.novell.com/support/kb/doc.php?id=7015701",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315",
"refsource": "CONFIRM",
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"name": "62312",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62312"
},
{
"name": "59272",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59272"
},
{
"name": "HPSBST03122",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html",
"refsource": "CONFIRM",
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"name": "HPSBMU03217",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"name": "SSRT101868",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61703",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61703"
},
{
"name": "http://support.apple.com/kb/HT6495",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6495"
},
{
"name": "VU#252743",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"name": "61065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61065"
},
{
"name": "SUSE-SU-2014:1213",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
},
{
"name": "HPSBST03129",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"name": "HPSBMU03144",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"name": "70103",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70103"
},
{
"name": "JVNDB-2014-000126",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"name": "SSRT101827",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "TA14-268A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"name": "SUSE-SU-2014:1212",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
},
{
"name": "61641",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61641"
},
{
"name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"name": "https://access.redhat.com/node/1200223",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/node/1200223"
},
{
"name": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
},
{
"name": "SUSE-SU-2014:1287",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"name": "APPLE-SA-2014-10-16-1",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"name": "MDVSA-2015:164",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"name": "RHSA-2014:1293",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"name": "openSUSE-SU-2014:1238",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
},
{
"name": "HPSBMU03220",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "60325",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60325"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "60024",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60024"
},
{
"name": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"name": "34879",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"name": "https://access.redhat.com/articles/1200223",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/articles/1200223"
},
{
"name": "62343",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62343"
},
{
"name": "61565",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61565"
},
{
"name": "https://www.suse.com/support/shellshock/",
"refsource": "CONFIRM",
"url": "https://www.suse.com/support/shellshock/"
},
{
"name": "HPSBST03157",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"name": "61313",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61313"
},
{
"name": "SSRT101742",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "61873",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61873"
},
{
"name": "61485",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61485"
},
{
"name": "60947",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60947"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"name": "https://support.apple.com/kb/HT6535",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6535"
},
{
"name": "HPSBST03154",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"name": "HPSBST03265",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"name": "HPSBGN03142",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"name": "61312",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61312"
},
{
"name": "60193",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60193"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1294.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
},
{
"name": "60063",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60063"
},
{
"name": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
},
{
"name": "60034",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60034"
},
{
"name": "HPSBMU03133",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"name": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html",
"refsource": "MISC",
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"name": "59907",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59907"
},
{
"name": "58200",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58200"
},
{
"name": "HPSBST03181",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"name": "61643",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61643"
},
{
"name": "http://www.novell.com/support/kb/doc.php?id=7015721",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"name": "61503",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61503"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"name": "RHSA-2014:1354",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"name": "40938",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40938/"
},
{
"name": "HPSBGN03117",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"name": "http://support.novell.com/security/cve/CVE-2014-6271.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"name": "61547",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61547"
},
{
"name": "HPSBHF03145",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"name": "http://www.qnap.com/i/en/support/con_show.php?cid=61",
"refsource": "CONFIRM",
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"name": "HPSBST03148",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"name": "61552",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61552"
},
{
"name": "61780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61780"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"name": "https://support.citrix.com/article/CTX200223",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX200223"
},
{
"name": "DSA-3032",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3032"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"name": "62228",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62228"
},
{
"name": "HPSBGN03138",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"name": "61855",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61855"
},
{
"name": "HPSBHF03124",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"name": "60044",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60044"
},
{
"name": "61291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61291"
},
{
"name": "RHSA-2014:1294",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
},
{
"name": "HPSBHF03125",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"name": "59737",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59737"
},
{
"name": "61287",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61287"
},
{
"name": "HPSBHF03146",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"name": "HPSBGN03233",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
},
{
"name": "SSRT101739",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61711",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61711"
},
{
"name": "HPSBOV03228",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"name": "HPSBGN03141",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0388.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0388.html"
},
{
"name": "61128",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61128"
},
{
"name": "https://support.citrix.com/article/CTX200217",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX200217"
},
{
"name": "61471",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61471"
},
{
"name": "60055",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60055"
},
{
"name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"name": "61550",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61550"
},
{
"name": "61633",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61633"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1293.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"name": "https://kb.bluecoat.com/index?page=content\u0026id=SA82",
"refsource": "CONFIRM",
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"name": "61328",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61328"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"name": "42938",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42938/"
},
{
"name": "61129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61129"
},
{
"name": "61700",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61700"
},
{
"name": "61603",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61603"
},
{
"name": "61857",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61857"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"name": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2014-6271",
"datePublished": "2014-09-24T18:00:00.000Z",
"dateReserved": "2014-09-09T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:46:49.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-7169 (GCVE-0-2014-7169)
Vulnerability from cvelistv5
Published
2014-09-25 01:00
Modified
2025-07-30 01:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:40:19.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"name": "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
},
{
"name": "HPSBMU03165",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"name": "HPSBHF03119",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"name": "HPSBST03131",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"name": "SSRT101819",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"name": "HPSBMU03245",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "openSUSE-SU-2014:1229",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"name": "61188",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61188"
},
{
"name": "JVN#55667175",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"name": "61676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61676"
},
{
"name": "openSUSE-SU-2014:1254",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"name": "60433",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60433"
},
{
"name": "HPSBMU03143",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"name": "HPSBMU03182",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"name": "RHSA-2014:1306",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
},
{
"name": "HPSBST03155",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"name": "61715",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61715"
},
{
"name": "USN-2363-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2363-2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"name": "61816",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61816"
},
{
"name": "openSUSE-SU-2014:1310",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"name": "61442",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61442"
},
{
"name": "HPSBMU03246",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"name": "HPSBST03195",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"name": "61283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61283"
},
{
"name": "SSRT101711",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"name": "openSUSE-SU-2014:1308",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"name": "61654",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61654"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"name": "62312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62312"
},
{
"name": "59272",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59272"
},
{
"name": "HPSBST03122",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"name": "HPSBMU03217",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "RHSA-2014:1312",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"name": "USN-2363-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2363-1"
},
{
"name": "SSRT101868",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61703",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61703"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT6495"
},
{
"name": "VU#252743",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"name": "61065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61065"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
},
{
"name": "HPSBST03129",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"name": "HPSBMU03144",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"name": "JVNDB-2014-000126",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"name": "SSRT101827",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "TA14-268A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"name": "61641",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61641"
},
{
"name": "SUSE-SU-2014:1247",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/node/1200223"
},
{
"name": "SUSE-SU-2014:1287",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"name": "APPLE-SA-2014-10-16-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"name": "MDVSA-2015:164",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"name": "61619",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61619"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"name": "HPSBMU03220",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "60325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "60024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60024"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"name": "34879",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"name": "61622",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61622"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/articles/1200223"
},
{
"name": "62343",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62343"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0393.html"
},
{
"name": "61565",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61565"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.suse.com/support/shellshock/"
},
{
"name": "HPSBST03157",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"name": "61313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61313"
},
{
"name": "SSRT101742",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "61873",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61873"
},
{
"name": "61485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61485"
},
{
"name": "openSUSE-SU-2014:1242",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
},
{
"name": "61618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61618"
},
{
"name": "60947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60947"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"name": "HPSBST03154",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"name": "HPSBGN03142",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"name": "61312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61312"
},
{
"name": "60193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60193"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"name": "61479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61479"
},
{
"name": "60063",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60063"
},
{
"name": "60034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60034"
},
{
"name": "HPSBMU03133",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"name": "59907",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59907"
},
{
"name": "58200",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58200"
},
{
"name": "HPSBST03181",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"name": "61643",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61643"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://twitter.com/taviso/statuses/514887394294652929"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"name": "61503",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61503"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"name": "RHSA-2014:1354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"name": "HPSBGN03117",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"name": "HPSBHF03145",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"name": "HPSBST03148",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"name": "61552",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61552"
},
{
"name": "61780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61780"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX200223"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"name": "62228",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62228"
},
{
"name": "HPSBGN03138",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"name": "61855",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61855"
},
{
"name": "HPSBHF03124",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"name": "60044",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60044"
},
{
"name": "61291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61291"
},
{
"name": "HPSBHF03125",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"name": "59737",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59737"
},
{
"name": "61287",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61287"
},
{
"name": "HPSBHF03146",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"name": "HPSBGN03233",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "SSRT101739",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61711",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61711"
},
{
"name": "HPSBOV03228",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"name": "HPSBGN03141",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"name": "RHSA-2014:1311",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
},
{
"name": "61128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61128"
},
{
"name": "DSA-3035",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3035"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX200217"
},
{
"name": "61471",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61471"
},
{
"name": "60055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60055"
},
{
"name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"name": "61550",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61550"
},
{
"name": "61633",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61633"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"name": "SUSE-SU-2014:1259",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
},
{
"name": "61328",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61328"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"name": "61129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61129"
},
{
"name": "61700",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61700"
},
{
"name": "61626",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61626"
},
{
"name": "61603",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61603"
},
{
"name": "61857",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61857"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2014-7169",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-10T19:31:47.209255Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-01-28",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-7169"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:46:49.393Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2022-01-28T00:00:00+00:00",
"value": "CVE-2014-7169 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-05T16:41:42.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"name": "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
},
{
"name": "HPSBMU03165",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"name": "HPSBHF03119",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"name": "HPSBST03131",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"name": "SSRT101819",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"name": "HPSBMU03245",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "openSUSE-SU-2014:1229",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"name": "61188",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61188"
},
{
"name": "JVN#55667175",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"name": "61676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61676"
},
{
"name": "openSUSE-SU-2014:1254",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"name": "60433",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60433"
},
{
"name": "HPSBMU03143",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"name": "HPSBMU03182",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"name": "RHSA-2014:1306",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
},
{
"name": "HPSBST03155",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"name": "61715",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61715"
},
{
"name": "USN-2363-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2363-2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"name": "61816",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61816"
},
{
"name": "openSUSE-SU-2014:1310",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"name": "61442",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61442"
},
{
"name": "HPSBMU03246",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"name": "HPSBST03195",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"name": "61283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61283"
},
{
"name": "SSRT101711",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"name": "openSUSE-SU-2014:1308",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"name": "61654",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61654"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"name": "62312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62312"
},
{
"name": "59272",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59272"
},
{
"name": "HPSBST03122",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"name": "HPSBMU03217",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "RHSA-2014:1312",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"name": "USN-2363-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2363-1"
},
{
"name": "SSRT101868",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61703",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61703"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT6495"
},
{
"name": "VU#252743",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"name": "61065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61065"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
},
{
"name": "HPSBST03129",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"name": "HPSBMU03144",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"name": "JVNDB-2014-000126",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"name": "SSRT101827",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "TA14-268A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"name": "61641",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61641"
},
{
"name": "SUSE-SU-2014:1247",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/node/1200223"
},
{
"name": "SUSE-SU-2014:1287",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"name": "APPLE-SA-2014-10-16-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"name": "MDVSA-2015:164",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"name": "61619",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61619"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"name": "HPSBMU03220",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "60325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "60024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60024"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"name": "34879",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"name": "61622",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61622"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/articles/1200223"
},
{
"name": "62343",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62343"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0393.html"
},
{
"name": "61565",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61565"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.suse.com/support/shellshock/"
},
{
"name": "HPSBST03157",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"name": "61313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61313"
},
{
"name": "SSRT101742",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "61873",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61873"
},
{
"name": "61485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61485"
},
{
"name": "openSUSE-SU-2014:1242",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
},
{
"name": "61618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61618"
},
{
"name": "60947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60947"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"name": "HPSBST03154",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"name": "HPSBGN03142",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"name": "61312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61312"
},
{
"name": "60193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60193"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"name": "61479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61479"
},
{
"name": "60063",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60063"
},
{
"name": "60034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60034"
},
{
"name": "HPSBMU03133",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"name": "59907",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59907"
},
{
"name": "58200",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58200"
},
{
"name": "HPSBST03181",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"name": "61643",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61643"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://twitter.com/taviso/statuses/514887394294652929"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"name": "61503",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61503"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"name": "RHSA-2014:1354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"name": "HPSBGN03117",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"name": "HPSBHF03145",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"name": "HPSBST03148",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"name": "61552",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61552"
},
{
"name": "61780",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61780"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX200223"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"name": "62228",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62228"
},
{
"name": "HPSBGN03138",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"name": "61855",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61855"
},
{
"name": "HPSBHF03124",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"name": "60044",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60044"
},
{
"name": "61291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61291"
},
{
"name": "HPSBHF03125",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"name": "59737",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59737"
},
{
"name": "61287",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61287"
},
{
"name": "HPSBHF03146",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"name": "HPSBGN03233",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "SSRT101739",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61711",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61711"
},
{
"name": "HPSBOV03228",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"name": "HPSBGN03141",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"name": "RHSA-2014:1311",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
},
{
"name": "61128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61128"
},
{
"name": "DSA-3035",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3035"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX200217"
},
{
"name": "61471",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61471"
},
{
"name": "60055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60055"
},
{
"name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"name": "61550",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61550"
},
{
"name": "61633",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61633"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"name": "SUSE-SU-2014:1259",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
},
{
"name": "61328",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61328"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"name": "61129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61129"
},
{
"name": "61700",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61700"
},
{
"name": "61626",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61626"
},
{
"name": "61603",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61603"
},
{
"name": "61857",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61857"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7169",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"name": "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
},
{
"name": "HPSBMU03165",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"name": "HPSBHF03119",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts",
"refsource": "CONFIRM",
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
},
{
"name": "HPSBST03131",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"name": "SSRT101819",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"name": "HPSBMU03245",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "openSUSE-SU-2014:1229",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"name": "61188",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61188"
},
{
"name": "JVN#55667175",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN55667175/index.html"
},
{
"name": "61676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61676"
},
{
"name": "openSUSE-SU-2014:1254",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"name": "60433",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60433"
},
{
"name": "HPSBMU03143",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"name": "HPSBMU03182",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"name": "RHSA-2014:1306",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
},
{
"name": "HPSBST03155",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"name": "61715",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61715"
},
{
"name": "USN-2363-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2363-2"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"name": "61816",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61816"
},
{
"name": "openSUSE-SU-2014:1310",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"name": "61442",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61442"
},
{
"name": "HPSBMU03246",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"name": "HPSBST03195",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"name": "61283",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61283"
},
{
"name": "SSRT101711",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
},
{
"name": "openSUSE-SU-2014:1308",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"name": "61654",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61654"
},
{
"name": "http://www.novell.com/support/kb/doc.php?id=7015701",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315",
"refsource": "CONFIRM",
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
},
{
"name": "62312",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62312"
},
{
"name": "59272",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59272"
},
{
"name": "HPSBST03122",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html",
"refsource": "CONFIRM",
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"name": "HPSBMU03217",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "RHSA-2014:1312",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"name": "USN-2363-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2363-1"
},
{
"name": "SSRT101868",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61703",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61703"
},
{
"name": "http://support.apple.com/kb/HT6495",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6495"
},
{
"name": "VU#252743",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"name": "61065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61065"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-3075.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
},
{
"name": "HPSBST03129",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"name": "HPSBMU03144",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"name": "http://support.novell.com/security/cve/CVE-2014-7169.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"name": "JVNDB-2014-000126",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
},
{
"name": "SSRT101827",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"name": "TA14-268A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
},
{
"name": "61641",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61641"
},
{
"name": "SUSE-SU-2014:1247",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
},
{
"name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
},
{
"name": "https://access.redhat.com/node/1200223",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/node/1200223"
},
{
"name": "SUSE-SU-2014:1287",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
},
{
"name": "APPLE-SA-2014-10-16-1",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Oct/0"
},
{
"name": "MDVSA-2015:164",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
},
{
"name": "61619",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61619"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-3078.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
},
{
"name": "HPSBMU03220",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"name": "60325",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60325"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "60024",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60024"
},
{
"name": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
},
{
"name": "34879",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"name": "61622",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61622"
},
{
"name": "https://access.redhat.com/articles/1200223",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/articles/1200223"
},
{
"name": "62343",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62343"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0393.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0393.html"
},
{
"name": "61565",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61565"
},
{
"name": "https://www.suse.com/support/shellshock/",
"refsource": "CONFIRM",
"url": "https://www.suse.com/support/shellshock/"
},
{
"name": "HPSBST03157",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"name": "61313",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61313"
},
{
"name": "SSRT101742",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"name": "61873",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61873"
},
{
"name": "61485",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61485"
},
{
"name": "openSUSE-SU-2014:1242",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
},
{
"name": "61618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61618"
},
{
"name": "60947",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60947"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
},
{
"name": "https://support.apple.com/kb/HT6535",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6535"
},
{
"name": "HPSBST03154",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
},
{
"name": "HPSBGN03142",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"name": "61312",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61312"
},
{
"name": "60193",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60193"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
},
{
"name": "61479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61479"
},
{
"name": "60063",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60063"
},
{
"name": "60034",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60034"
},
{
"name": "HPSBMU03133",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"name": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html",
"refsource": "MISC",
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"name": "59907",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59907"
},
{
"name": "58200",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58200"
},
{
"name": "HPSBST03181",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"name": "61643",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61643"
},
{
"name": "http://twitter.com/taviso/statuses/514887394294652929",
"refsource": "MISC",
"url": "http://twitter.com/taviso/statuses/514887394294652929"
},
{
"name": "http://www.novell.com/support/kb/doc.php?id=7015721",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"name": "61503",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61503"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"name": "RHSA-2014:1354",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
},
{
"name": "HPSBGN03117",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
},
{
"name": "HPSBHF03145",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"name": "http://www.qnap.com/i/en/support/con_show.php?cid=61",
"refsource": "CONFIRM",
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"name": "HPSBST03148",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"name": "61552",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61552"
},
{
"name": "61780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61780"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
},
{
"name": "https://support.citrix.com/article/CTX200223",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX200223"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-3077.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"name": "62228",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62228"
},
{
"name": "HPSBGN03138",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"name": "61855",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61855"
},
{
"name": "HPSBHF03124",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"name": "60044",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60044"
},
{
"name": "61291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61291"
},
{
"name": "HPSBHF03125",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"name": "59737",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59737"
},
{
"name": "61287",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61287"
},
{
"name": "HPSBHF03146",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"name": "HPSBGN03233",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "SSRT101739",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "61711",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61711"
},
{
"name": "HPSBOV03228",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
},
{
"name": "HPSBGN03141",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"name": "RHSA-2014:1311",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
},
{
"name": "61128",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61128"
},
{
"name": "DSA-3035",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3035"
},
{
"name": "https://support.citrix.com/article/CTX200217",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX200217"
},
{
"name": "61471",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61471"
},
{
"name": "60055",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60055"
},
{
"name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
},
{
"name": "61550",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61550"
},
{
"name": "61633",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61633"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1306.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
},
{
"name": "https://kb.bluecoat.com/index?page=content\u0026id=SA82",
"refsource": "CONFIRM",
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
},
{
"name": "SUSE-SU-2014:1259",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
},
{
"name": "61328",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61328"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"name": "61129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61129"
},
{
"name": "61700",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61700"
},
{
"name": "61626",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61626"
},
{
"name": "61603",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61603"
},
{
"name": "61857",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61857"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-7169",
"datePublished": "2014-09-25T01:00:00.000Z",
"dateReserved": "2014-09-24T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:46:49.393Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1459 (GCVE-0-2017-1459)
Vulnerability from cvelistv5
Published
2018-01-10 17:00
Modified
2024-09-17 00:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Gain Access
Summary
IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 128378.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Security Access Manager |
Version: 9.0.0.1 Version: 8.0.0 Version: 8.0.0.1 Version: 8.0.0.2 Version: 8.0.0.3 Version: 8.0.0.4 Version: 8.0.0.5 Version: 8.0.1 Version: 8.0.1.2 Version: 8.0.1.3 Version: 8.0.1.4 Version: 9.0.0 Version: 9.0.1.0 Version: 9.0.2.0 Version: 8.0.1.5 Version: 9.0.2.1 Version: 9.0.3 Version: 9.0.3.1 Version: 8.0.1.6 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:32:30.257Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040170",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040170"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22012331"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128378"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Security Access Manager",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.0.0.1"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "8.0.0.2"
},
{
"status": "affected",
"version": "8.0.0.3"
},
{
"status": "affected",
"version": "8.0.0.4"
},
{
"status": "affected",
"version": "8.0.0.5"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.1.2"
},
{
"status": "affected",
"version": "8.0.1.3"
},
{
"status": "affected",
"version": "8.0.1.4"
},
{
"status": "affected",
"version": "9.0.0"
},
{
"status": "affected",
"version": "9.0.1.0"
},
{
"status": "affected",
"version": "9.0.2.0"
},
{
"status": "affected",
"version": "8.0.1.5"
},
{
"status": "affected",
"version": "9.0.2.1"
},
{
"status": "affected",
"version": "9.0.3"
},
{
"status": "affected",
"version": "9.0.3.1"
},
{
"status": "affected",
"version": "8.0.1.6"
}
]
}
],
"datePublic": "2018-01-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 128378."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-12T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "1040170",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040170"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22012331"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128378"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-01-05T00:00:00",
"ID": "CVE-2017-1459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Security Access Manager",
"version": {
"version_data": [
{
"version_value": "9.0.0.1"
},
{
"version_value": "8.0.0"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.0.1.2"
},
{
"version_value": "8.0.1.3"
},
{
"version_value": "8.0.1.4"
},
{
"version_value": "9.0.0"
},
{
"version_value": "9.0.1.0"
},
{
"version_value": "9.0.2.0"
},
{
"version_value": "8.0.1.5"
},
{
"version_value": "9.0.2.1"
},
{
"version_value": "9.0.3"
},
{
"version_value": "9.0.3.1"
},
{
"version_value": "8.0.1.6"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 128378."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040170",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040170"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22012331",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22012331"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128378",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128378"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1459",
"datePublished": "2018-01-10T17:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-17T00:07:01.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3017 (GCVE-0-2016-3017)
Vulnerability from cvelistv5
Published
2017-02-01 20:00
Modified
2024-08-05 23:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information due to security misconfigurations.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Access Manager |
Version: 9.0 Version: 9.0.0.1 Version: 9.0.1 Version: 7.0.0 Version: 8.0.0 Version: 8.0.0.1 Version: 8.0.0.2 Version: 8.0.0.3 Version: 8.0.0.4 Version: 8.0.0.5 Version: 8.0.1 Version: 8.0.1.2 Version: 8.0.1.3 Version: 8.0.1.4 Version: 9.0.0 Version: 9.0.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:14.440Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995519"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Access Manager",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.0.1"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "8.0.0.2"
},
{
"status": "affected",
"version": "8.0.0.3"
},
{
"status": "affected",
"version": "8.0.0.4"
},
{
"status": "affected",
"version": "8.0.0.5"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.1.2"
},
{
"status": "affected",
"version": "8.0.1.3"
},
{
"status": "affected",
"version": "8.0.1.4"
},
{
"status": "affected",
"version": "9.0.0"
},
{
"status": "affected",
"version": "9.0.1.0"
}
]
}
],
"datePublic": "2017-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information due to security misconfigurations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-01T19:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995519"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-3017",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Access Manager",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "9.0.0.1"
},
{
"version_value": "9.0.1"
},
{
"version_value": "7.0.0"
},
{
"version_value": "8.0.0"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.0.1.2"
},
{
"version_value": "8.0.1.3"
},
{
"version_value": "8.0.1.4"
},
{
"version_value": "9.0.0"
},
{
"version_value": "9.0.1.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information due to security misconfigurations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995519",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995519"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-3017",
"datePublished": "2017-02-01T20:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:14.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-4809 (GCVE-0-2014-4809)
Vulnerability from cvelistv5
Published
2014-10-03 01:00
Modified
2024-08-06 11:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The WebSEAL component in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, when e-community SSO is enabled, allows remote attackers to cause a denial of service (component hang) via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:27:36.828Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685246"
},
{
"name": "61294",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61294"
},
{
"name": "ibm-sam-cve20144809-dos(95376)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95376"
},
{
"name": "IV64915",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64915"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The WebSEAL component in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, when e-community SSO is enabled, allows remote attackers to cause a denial of service (component hang) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685246"
},
{
"name": "61294",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61294"
},
{
"name": "ibm-sam-cve20144809-dos(95376)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95376"
},
{
"name": "IV64915",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64915"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-4809",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WebSEAL component in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, when e-community SSO is enabled, allows remote attackers to cause a denial of service (component hang) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685246",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685246"
},
{
"name": "61294",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61294"
},
{
"name": "ibm-sam-cve20144809-dos(95376)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95376"
},
{
"name": "IV64915",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64915"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-4809",
"datePublished": "2014-10-03T01:00:00",
"dateReserved": "2014-07-09T00:00:00",
"dateUpdated": "2024-08-06T11:27:36.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5012 (GCVE-0-2015-5012)
Vulnerability from cvelistv5
Published
2016-02-15 02:00
Modified
2024-08-06 06:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The SSH implementation on IBM Security Access Manager for Web appliances 7.0 before 7.0.0 FP19, 8.0 before 8.0.1.3 IF3, and 9.0 before 9.0.0.0 IF1 does not properly restrict the set of MAC algorithms, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:32:31.881Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "IV78768",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78768"
},
{
"name": "IV78780",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78780"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21971422"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SSH implementation on IBM Security Access Manager for Web appliances 7.0 before 7.0.0 FP19, 8.0 before 8.0.1.3 IF3, and 9.0 before 9.0.0.0 IF1 does not properly restrict the set of MAC algorithms, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-02-15T02:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "IV78768",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78768"
},
{
"name": "IV78780",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78780"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21971422"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-5012",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SSH implementation on IBM Security Access Manager for Web appliances 7.0 before 7.0.0 FP19, 8.0 before 8.0.1.3 IF3, and 9.0 before 9.0.0.0 IF1 does not properly restrict the set of MAC algorithms, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IV78768",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78768"
},
{
"name": "IV78780",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV78780"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21971422",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21971422"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-5012",
"datePublished": "2016-02-15T02:00:00",
"dateReserved": "2015-06-24T00:00:00",
"dateUpdated": "2024-08-06T06:32:31.881Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3021 (GCVE-0-2016-3021)
Vulnerability from cvelistv5
Published
2017-02-01 20:00
Modified
2024-08-05 23:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM Security Access Manager for Web could allow an authenticated attacker to obtain sensitive information from error message using a specially crafted HTTP request.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Access Manager |
Version: 9.0 Version: 9.0.0.1 Version: 9.0.1 Version: 7.0.0 Version: 8.0.0 Version: 8.0.0.1 Version: 8.0.0.2 Version: 8.0.0.3 Version: 8.0.0.4 Version: 8.0.0.5 Version: 8.0.1 Version: 8.0.1.2 Version: 8.0.1.3 Version: 8.0.1.4 Version: 9.0.0 Version: 9.0.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:15.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96114",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96114"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995436"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Access Manager",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.0.1"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "8.0.0.2"
},
{
"status": "affected",
"version": "8.0.0.3"
},
{
"status": "affected",
"version": "8.0.0.4"
},
{
"status": "affected",
"version": "8.0.0.5"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.1.2"
},
{
"status": "affected",
"version": "8.0.1.3"
},
{
"status": "affected",
"version": "8.0.1.4"
},
{
"status": "affected",
"version": "9.0.0"
},
{
"status": "affected",
"version": "9.0.1.0"
}
]
}
],
"datePublic": "2017-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web could allow an authenticated attacker to obtain sensitive information from error message using a specially crafted HTTP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-09T10:57:02",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "96114",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96114"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995436"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-3021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Access Manager",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "9.0.0.1"
},
{
"version_value": "9.0.1"
},
{
"version_value": "7.0.0"
},
{
"version_value": "8.0.0"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.0.1.2"
},
{
"version_value": "8.0.1.3"
},
{
"version_value": "8.0.1.4"
},
{
"version_value": "9.0.0"
},
{
"version_value": "9.0.1.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Access Manager for Web could allow an authenticated attacker to obtain sensitive information from error message using a specially crafted HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96114",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96114"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995436",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995436"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-3021",
"datePublished": "2017-02-01T20:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:15.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3022 (GCVE-0-2016-3022)
Vulnerability from cvelistv5
Published
2017-02-01 20:00
Modified
2024-08-05 23:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM Security Access Manager for Web could allow an authenticated user to gain access to highly sensitive information due to incorrect file permissions.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Access Manager |
Version: 9.0 Version: 9.0.0.1 Version: 9.0.1 Version: 7.0.0 Version: 8.0.0 Version: 8.0.0.1 Version: 8.0.0.2 Version: 8.0.0.3 Version: 8.0.0.4 Version: 8.0.0.5 Version: 8.0.1 Version: 8.0.1.2 Version: 8.0.1.3 Version: 8.0.1.4 Version: 9.0.0 Version: 9.0.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:15.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96130",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96130"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995360"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Access Manager",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.0.1"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "8.0.0.2"
},
{
"status": "affected",
"version": "8.0.0.3"
},
{
"status": "affected",
"version": "8.0.0.4"
},
{
"status": "affected",
"version": "8.0.0.5"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.1.2"
},
{
"status": "affected",
"version": "8.0.1.3"
},
{
"status": "affected",
"version": "8.0.1.4"
},
{
"status": "affected",
"version": "9.0.0"
},
{
"status": "affected",
"version": "9.0.1.0"
}
]
}
],
"datePublic": "2017-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web could allow an authenticated user to gain access to highly sensitive information due to incorrect file permissions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-09T10:57:02",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "96130",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96130"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995360"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-3022",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Access Manager",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "9.0.0.1"
},
{
"version_value": "9.0.1"
},
{
"version_value": "7.0.0"
},
{
"version_value": "8.0.0"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.0.1.2"
},
{
"version_value": "8.0.1.3"
},
{
"version_value": "8.0.1.4"
},
{
"version_value": "9.0.0"
},
{
"version_value": "9.0.1.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Access Manager for Web could allow an authenticated user to gain access to highly sensitive information due to incorrect file permissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96130",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96130"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995360",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995360"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-3022",
"datePublished": "2017-02-01T20:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:15.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3029 (GCVE-0-2016-3029)
Vulnerability from cvelistv5
Published
2017-02-01 20:00
Modified
2024-08-05 23:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Gain Access
Summary
IBM Security Access Manager for Web is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Access Manager |
Version: 9.0 Version: 9.0.0.1 Version: 9.0.1 Version: 7.0.0 Version: 8.0.0 Version: 8.0.0.1 Version: 8.0.0.2 Version: 8.0.0.3 Version: 8.0.0.4 Version: 8.0.0.5 Version: 8.0.1 Version: 8.0.1.2 Version: 8.0.1.3 Version: 8.0.1.4 Version: 9.0.0 Version: 9.0.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:15.145Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96133",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96133"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995345"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Access Manager",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.0.1"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "8.0.0.2"
},
{
"status": "affected",
"version": "8.0.0.3"
},
{
"status": "affected",
"version": "8.0.0.4"
},
{
"status": "affected",
"version": "8.0.0.5"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.1.2"
},
{
"status": "affected",
"version": "8.0.1.3"
},
{
"status": "affected",
"version": "8.0.1.4"
},
{
"status": "affected",
"version": "9.0.0"
},
{
"status": "affected",
"version": "9.0.1.0"
}
]
}
],
"datePublic": "2017-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-09T10:57:02",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "96133",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96133"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995345"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-3029",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Access Manager",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "9.0.0.1"
},
{
"version_value": "9.0.1"
},
{
"version_value": "7.0.0"
},
{
"version_value": "8.0.0"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.0.1.2"
},
{
"version_value": "8.0.1.3"
},
{
"version_value": "8.0.1.4"
},
{
"version_value": "9.0.0"
},
{
"version_value": "9.0.1.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Access Manager for Web is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96133",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96133"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995345",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995345"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-3029",
"datePublished": "2017-02-01T20:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:15.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-2908 (GCVE-0-2016-2908)
Vulnerability from cvelistv5
Published
2017-02-01 20:00
Modified
2024-08-05 23:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Denial of Service
Summary
IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML data by the XML parser. A remote attacker could exploit this vulnerability to read arbitrary files on the system or cause a denial of service.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Access Manager |
Version: 9.0 Version: 9.0.0.1 Version: 9.0.1 Version: 7.0.0 Version: 8.0.0 Version: 8.0.0.1 Version: 8.0.0.2 Version: 8.0.0.3 Version: 8.0.0.4 Version: 8.0.0.5 Version: 8.0.1 Version: 8.0.1.2 Version: 8.0.1.3 Version: 8.0.1.4 Version: 9.0.0 Version: 9.0.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:13.568Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95295",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95295"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995531"
},
{
"name": "1038506",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038506"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Access Manager",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.0.1"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "8.0.0.2"
},
{
"status": "affected",
"version": "8.0.0.3"
},
{
"status": "affected",
"version": "8.0.0.4"
},
{
"status": "affected",
"version": "8.0.0.5"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.1.2"
},
{
"status": "affected",
"version": "8.0.1.3"
},
{
"status": "affected",
"version": "8.0.1.4"
},
{
"status": "affected",
"version": "9.0.0"
},
{
"status": "affected",
"version": "9.0.1.0"
}
]
}
],
"datePublic": "2017-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML data by the XML parser. A remote attacker could exploit this vulnerability to read arbitrary files on the system or cause a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-07T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "95295",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95295"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995531"
},
{
"name": "1038506",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038506"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-2908",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Access Manager",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "9.0.0.1"
},
{
"version_value": "9.0.1"
},
{
"version_value": "7.0.0"
},
{
"version_value": "8.0.0"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.0.1.2"
},
{
"version_value": "8.0.1.3"
},
{
"version_value": "8.0.1.4"
},
{
"version_value": "9.0.0"
},
{
"version_value": "9.0.1.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML data by the XML parser. A remote attacker could exploit this vulnerability to read arbitrary files on the system or cause a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95295",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95295"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995531",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995531"
},
{
"name": "1038506",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038506"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-2908",
"datePublished": "2017-02-01T20:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:13.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3053 (GCVE-0-2014-3053)
Vulnerability from cvelistv5
Published
2014-06-21 15:00
Modified
2024-08-06 10:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.0.2 and 8.0.0.3, allows remote attackers to bypass authentication via a login action with invalid credentials.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:46.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-isam-cve20143053-credentials(93501)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93501"
},
{
"name": "59381",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59381"
},
{
"name": "IV61557",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61557"
},
{
"name": "59438",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59438"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676700"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676389"
},
{
"name": "68132",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68132"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-06-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.0.2 and 8.0.0.3, allows remote attackers to bypass authentication via a login action with invalid credentials."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "ibm-isam-cve20143053-credentials(93501)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93501"
},
{
"name": "59381",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59381"
},
{
"name": "IV61557",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61557"
},
{
"name": "59438",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59438"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676700"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676389"
},
{
"name": "68132",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68132"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-3053",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.0.2 and 8.0.0.3, allows remote attackers to bypass authentication via a login action with invalid credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-isam-cve20143053-credentials(93501)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93501"
},
{
"name": "59381",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59381"
},
{
"name": "IV61557",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61557"
},
{
"name": "59438",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59438"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676700",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676700"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676389",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676389"
},
{
"name": "68132",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68132"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-3053",
"datePublished": "2014-06-21T15:00:00",
"dateReserved": "2014-04-29T00:00:00",
"dateUpdated": "2024-08-06T10:28:46.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3020 (GCVE-0-2016-3020)
Vulnerability from cvelistv5
Published
2017-02-07 16:00
Modified
2024-08-05 23:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Bypass Security
Summary
IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could allow a remote attacker to bypass security restrictions, caused by improper content validation. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to bypass validation and load a page with malicious content.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Access Manager |
Version: 9.0 Version: 9.0.0.1 Version: 9.0.1 Version: 7.0.0 Version: 8.0.0 Version: 8.0.0.1 Version: 8.0.0.2 Version: 8.0.0.3 Version: 8.0.0.4 Version: 8.0.0.5 Version: 8.0.1 Version: 8.0.1.2 Version: 8.0.1.3 Version: 8.0.1.4 Version: 9.0.0 Version: 9.0.1.0 Version: 9.0.2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:14.481Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996826"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Access Manager",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.0.1"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "8.0.0.2"
},
{
"status": "affected",
"version": "8.0.0.3"
},
{
"status": "affected",
"version": "8.0.0.4"
},
{
"status": "affected",
"version": "8.0.0.5"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.1.2"
},
{
"status": "affected",
"version": "8.0.1.3"
},
{
"status": "affected",
"version": "8.0.1.4"
},
{
"status": "affected",
"version": "9.0.0"
},
{
"status": "affected",
"version": "9.0.1.0"
},
{
"status": "affected",
"version": "9.0.2.0"
}
]
}
],
"datePublic": "2017-01-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could allow a remote attacker to bypass security restrictions, caused by improper content validation. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to bypass validation and load a page with malicious content."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Bypass Security",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-07T15:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996826"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-3020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Access Manager",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "9.0.0.1"
},
{
"version_value": "9.0.1"
},
{
"version_value": "7.0.0"
},
{
"version_value": "8.0.0"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.0.1.2"
},
{
"version_value": "8.0.1.3"
},
{
"version_value": "8.0.1.4"
},
{
"version_value": "9.0.0"
},
{
"version_value": "9.0.1.0"
},
{
"version_value": "9.0.2.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could allow a remote attacker to bypass security restrictions, caused by improper content validation. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to bypass validation and load a page with malicious content."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Bypass Security"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21996826",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996826"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-3020",
"datePublished": "2017-02-07T16:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:14.481Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3043 (GCVE-0-2016-3043)
Vulnerability from cvelistv5
Published
2017-02-01 20:00
Modified
2024-08-05 23:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Access Manager |
Version: 9.0 Version: 9.0.0.1 Version: 9.0.1 Version: 7.0.0 Version: 8.0.0 Version: 8.0.0.1 Version: 8.0.0.2 Version: 8.0.0.3 Version: 8.0.0.4 Version: 8.0.0.5 Version: 8.0.1 Version: 8.0.1.2 Version: 8.0.1.3 Version: 8.0.1.4 Version: 9.0.0 Version: 9.0.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:15.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995446"
},
{
"name": "95107",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95107"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Access Manager",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.0.1"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "8.0.0.2"
},
{
"status": "affected",
"version": "8.0.0.3"
},
{
"status": "affected",
"version": "8.0.0.4"
},
{
"status": "affected",
"version": "8.0.0.5"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.1.2"
},
{
"status": "affected",
"version": "8.0.1.3"
},
{
"status": "affected",
"version": "8.0.1.4"
},
{
"status": "affected",
"version": "9.0.0"
},
{
"status": "affected",
"version": "9.0.1.0"
}
]
}
],
"datePublic": "2017-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-02T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995446"
},
{
"name": "95107",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95107"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-3043",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Access Manager",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "9.0.0.1"
},
{
"version_value": "9.0.1"
},
{
"version_value": "7.0.0"
},
{
"version_value": "8.0.0"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.0.1.2"
},
{
"version_value": "8.0.1.3"
},
{
"version_value": "8.0.1.4"
},
{
"version_value": "9.0.0"
},
{
"version_value": "9.0.1.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995446",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995446"
},
{
"name": "95107",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95107"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-3043",
"datePublished": "2017-02-01T20:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:15.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5013 (GCVE-0-2015-5013)
Vulnerability from cvelistv5
Published
2017-02-08 19:00
Modified
2024-08-06 06:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
The IBM Security Access Manager appliance includes configuration files that contain obfuscated plaintext-passwords which authenticated users can access.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Access Manager |
Version: 9.0 Version: 9.0.0.1 Version: 9.0.1 Version: 7.0.0 Version: 8.0.0 Version: 8.0.0.1 Version: 8.0.0.2 Version: 8.0.0.3 Version: 8.0.0.4 Version: 8.0.0.5 Version: 8.0.1 Version: 8.0.1.2 Version: 8.0.1.3 Version: 8.0.1.4 Version: 9.0.0 Version: 9.0.1.0 Version: 9.0.2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:32:31.950Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96090",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96090"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21993722"
},
{
"name": "1037792",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037792"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Access Manager",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.0.1"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "8.0.0.2"
},
{
"status": "affected",
"version": "8.0.0.3"
},
{
"status": "affected",
"version": "8.0.0.4"
},
{
"status": "affected",
"version": "8.0.0.5"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.1.2"
},
{
"status": "affected",
"version": "8.0.1.3"
},
{
"status": "affected",
"version": "8.0.1.4"
},
{
"status": "affected",
"version": "9.0.0"
},
{
"status": "affected",
"version": "9.0.1.0"
},
{
"status": "affected",
"version": "9.0.2.0"
}
]
}
],
"datePublic": "2017-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IBM Security Access Manager appliance includes configuration files that contain obfuscated plaintext-passwords which authenticated users can access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-24T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "96090",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96090"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21993722"
},
{
"name": "1037792",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037792"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-5013",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Access Manager",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "9.0.0.1"
},
{
"version_value": "9.0.1"
},
{
"version_value": "7.0.0"
},
{
"version_value": "8.0.0"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.0.1.2"
},
{
"version_value": "8.0.1.3"
},
{
"version_value": "8.0.1.4"
},
{
"version_value": "9.0.0"
},
{
"version_value": "9.0.1.0"
},
{
"version_value": "9.0.2.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IBM Security Access Manager appliance includes configuration files that contain obfuscated plaintext-passwords which authenticated users can access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96090",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96090"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21993722",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21993722"
},
{
"name": "1037792",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037792"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-5013",
"datePublished": "2017-02-08T19:00:00",
"dateReserved": "2015-06-24T00:00:00",
"dateUpdated": "2024-08-06T06:32:31.950Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}