Vulnerabilites related to netapp - ontap_tools
cve-2021-44228
Vulnerability from cvelistv5
Published
2021-12-10 00:00
Modified
2025-02-04 14:25
Severity ?
EPSS score ?
Summary
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Apache Software Foundation | Apache Log4j2 |
Version: 2.0-beta9 < log4j-core* |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:17:24.696Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://logging.apache.org/log4j/2.x/security.html", }, { name: "[oss-security] 20211210 CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/1", }, { name: "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/2", }, { name: "20211210 Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/3", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211210-0007/", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { tags: [ "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html", }, { name: "DSA-5020", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5020", }, { name: "[debian-lts-announce] 20211212 [SECURITY] [DLA 2842-1] apache-log4j2 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html", }, { name: "FEDORA-2021-f0f501d01f", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/", }, { name: "Microsoft’s Response to CVE-2021-44228 Apache Log4j 2", tags: [ "vendor-advisory", "x_transferred", ], url: "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/", }, { name: "[oss-security] 20211213 Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/2", }, { name: "[oss-security] 20211213 CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/1", }, { name: "[oss-security] 20211214 CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/14/4", }, { name: "20211210 A Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "VU#930724", tags: [ "third-party-advisory", "x_transferred", ], url: "https://www.kb.cert.org/vuls/id/930724", }, { tags: [ "x_transferred", ], url: "https://twitter.com/kurtseifried/status/1469345530182455296", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html", }, { tags: [ "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html", }, { name: "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/15/3", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf", }, { name: "FEDORA-2021-66d6c484f3", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html", }, { tags: [ "x_transferred", ], url: "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html", }, { name: "20220314 APPLE-SA-2022-03-14-7 Xcode 13.3", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Mar/23", }, { tags: [ "x_transferred", ], url: "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001", }, { tags: [ "x_transferred", ], url: "https://github.com/cisagov/log4j-affected-db", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT213189", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_transferred", ], url: "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228", }, { tags: [ "x_transferred", ], url: "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html", }, { name: "20220721 Open-Xchange Security Advisory 2022-07-21", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Jul/11", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html", }, { name: "20221208 Intel Data Center Manager <= 5.1 Local Privileges Escalation", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Dec/2", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2021-44228", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-04T14:25:34.416117Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2021-12-10", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-44228", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2025-02-04T14:25:37.215Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Apache Log4j2", vendor: "Apache Software Foundation", versions: [ { changes: [ { at: "2.3.1", status: "unaffected", }, { at: "2.4", status: "affected", }, { at: "2.12.2", status: "unaffected", }, { at: "2.13.0", status: "affected", }, { at: "2.15.0", status: "unaffected", }, ], lessThan: "log4j-core*", status: "affected", version: "2.0-beta9", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "This issue was discovered by Chen Zhaojun of Alibaba Cloud Security Team.", }, ], descriptions: [ { lang: "en", value: "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.", }, ], metrics: [ { other: { content: { other: "critical", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-03T00:00:00.000Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { url: "https://logging.apache.org/log4j/2.x/security.html", }, { name: "[oss-security] 20211210 CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/1", }, { name: "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/2", }, { name: "20211210 Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/3", }, { url: "https://security.netapp.com/advisory/ntap-20211210-0007/", }, { url: "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", }, { url: "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html", }, { name: "DSA-5020", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-5020", }, { name: "[debian-lts-announce] 20211212 [SECURITY] [DLA 2842-1] apache-log4j2 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html", }, { name: "FEDORA-2021-f0f501d01f", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/", }, { name: "Microsoft’s Response to CVE-2021-44228 Apache Log4j 2", tags: [ "vendor-advisory", ], url: "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/", }, { name: "[oss-security] 20211213 Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/2", }, { name: "[oss-security] 20211213 CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/1", }, { name: "[oss-security] 20211214 CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/14/4", }, { name: "20211210 A Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "VU#930724", tags: [ "third-party-advisory", ], url: "https://www.kb.cert.org/vuls/id/930724", }, { url: "https://twitter.com/kurtseifried/status/1469345530182455296", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf", }, { url: "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html", }, { url: "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { url: "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html", }, { url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html", }, { name: "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/15/3", }, { url: "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html", }, { url: "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html", }, { url: "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html", }, { url: "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html", }, { url: "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf", }, { name: "FEDORA-2021-66d6c484f3", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/", }, { url: "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", }, { url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { url: "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html", }, { url: "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md", }, { url: "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html", }, { url: "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html", }, { name: "20220314 APPLE-SA-2022-03-14-7 Xcode 13.3", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/Mar/23", }, { url: "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001", }, { url: "https://github.com/cisagov/log4j-affected-db", }, { url: "https://support.apple.com/kb/HT213189", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { url: "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228", }, { url: "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html", }, { name: "20220721 Open-Xchange Security Advisory 2022-07-21", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/Jul/11", }, { url: "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html", }, { url: "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html", }, { name: "20221208 Intel Data Center Manager <= 5.1 Local Privileges Escalation", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/Dec/2", }, { url: "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html", }, ], source: { discovery: "UNKNOWN", }, title: "Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints", x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2021-44228", datePublished: "2021-12-10T00:00:00.000Z", dateReserved: "2021-11-26T00:00:00.000Z", dateUpdated: "2025-02-04T14:25:37.215Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-0565
Vulnerability from cvelistv5
Published
2024-01-15 20:02
Modified
2024-11-15 15:27
Severity ?
EPSS score ?
Summary
An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2024:1188 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1404 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1532 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1533 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1607 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1614 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:2093 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:2394 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2024-0565 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2258518 | issue-tracking, x_refsource_REDHAT | |
https://www.spinics.net/lists/stable-commits/msg328851.html |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-01T18:11:35.146Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2024:1188", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1188", }, { name: "RHSA-2024:1404", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1404", }, { name: "RHSA-2024:1532", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1532", }, { name: "RHSA-2024:1533", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1533", }, { name: "RHSA-2024:1607", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1607", }, { name: "RHSA-2024:1614", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1614", }, { name: "RHSA-2024:2093", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:2093", }, { name: "RHSA-2024:2394", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:2394", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2024-0565", }, { name: "RHBZ#2258518", tags: [ "issue-tracking", "x_refsource_REDHAT", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2258518", }, { tags: [ "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240223-0002/", }, { tags: [ "x_transferred", ], url: "https://www.spinics.net/lists/stable-commits/msg328851.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://git.kernel.org/pub/scm/linux/kernel", defaultStatus: "unaffected", packageName: "kernel", versions: [ { lessThan: "6.7-rc6", status: "affected", version: "0", versionType: "semver", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:enterprise_linux:8::realtime", "cpe:/a:redhat:enterprise_linux:8::nfv", ], defaultStatus: "affected", packageName: "kernel-rt", product: "Red Hat Enterprise Linux 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-513.24.1.rt7.326.el8_9", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:8::baseos", "cpe:/a:redhat:enterprise_linux:8::crb", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-513.24.1.el8_9", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "cpe:/a:redhat:rhel_eus:8.6::crb", "cpe:/o:redhat:rhel_eus:8.6::baseos", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 8.6 Extended Update Support", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-372.95.1.el8_6", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:rhel_eus:8.8::baseos", "cpe:/a:redhat:rhel_eus:8.8::crb", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 8.8 Extended Update Support", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-477.51.1.el8_8", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::nfv", "cpe:/a:redhat:enterprise_linux:9::realtime", "cpe:/a:redhat:enterprise_linux:9::appstream", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.14.0-427.13.1.el9_4", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::nfv", "cpe:/a:redhat:enterprise_linux:9::realtime", "cpe:/a:redhat:enterprise_linux:9::appstream", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.14.0-427.13.1.el9_4", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:rhel_eus:9.2::crb", "cpe:/a:redhat:rhel_eus:9.2::appstream", "cpe:/o:redhat:rhel_eus:9.2::baseos", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 9.2 Extended Update Support", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.14.0-284.59.1.el9_2", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:rhel_eus:9.2::nfv", "cpe:/a:redhat:rhel_eus:9.2::realtime", ], defaultStatus: "affected", packageName: "kernel-rt", product: "Red Hat Enterprise Linux 9.2 Extended Update Support", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.14.0-284.59.1.rt14.344.el9_2", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "cpe:/a:redhat:rhel_eus:8.6::crb", "cpe:/o:redhat:rhel_eus:8.6::baseos", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-372.95.1.el8_6", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/cluster-logging-operator-bundle", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-16", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/cluster-logging-rhel8-operator", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-7", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/elasticsearch6-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v6.8.1-408", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/elasticsearch-operator-bundle", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-19", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/elasticsearch-proxy-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v1.0.0-480", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/elasticsearch-rhel8-operator", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-9", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/eventrouter-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v0.4.0-248", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/fluentd-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v1.14.6-215", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/kibana6-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v6.8.1-431", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/log-file-metric-exporter-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v1.1.0-228", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/logging-curator5-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.8.1-471", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/logging-loki-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v2.9.6-15", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/logging-view-plugin-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-3", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/loki-operator-bundle", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-27", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/loki-rhel8-operator", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-12", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/lokistack-gateway-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v0.1.0-527", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/opa-openshift-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v0.1.0-225", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/vector-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v0.28.1-57", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:6", ], defaultStatus: "unaffected", packageName: "kernel", product: "Red Hat Enterprise Linux 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:7", ], defaultStatus: "unaffected", packageName: "kernel", product: "Red Hat Enterprise Linux 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:7", ], defaultStatus: "unaffected", packageName: "kernel-rt", product: "Red Hat Enterprise Linux 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:9", ], defaultStatus: "affected", packageName: "kernel-rt", product: "Red Hat Enterprise Linux 9", vendor: "Red Hat", }, ], datePublic: "2023-12-18T00:00:00+00:00", descriptions: [ { lang: "en", value: "An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.", }, ], metrics: [ { other: { content: { namespace: "https://access.redhat.com/security/updates/classification/", value: "Moderate", }, type: "Red Hat severity rating", }, }, { cvssV3_1: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-191", description: "Integer Underflow (Wrap or Wraparound)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-15T15:27:39.597Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2024:1188", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1188", }, { name: "RHSA-2024:1404", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1404", }, { name: "RHSA-2024:1532", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1532", }, { name: "RHSA-2024:1533", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1533", }, { name: "RHSA-2024:1607", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1607", }, { name: "RHSA-2024:1614", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1614", }, { name: "RHSA-2024:2093", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:2093", }, { name: "RHSA-2024:2394", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:2394", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", ], url: "https://access.redhat.com/security/cve/CVE-2024-0565", }, { name: "RHBZ#2258518", tags: [ "issue-tracking", "x_refsource_REDHAT", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2258518", }, { url: "https://www.spinics.net/lists/stable-commits/msg328851.html", }, ], timeline: [ { lang: "en", time: "2024-01-15T00:00:00+00:00", value: "Reported to Red Hat.", }, { lang: "en", time: "2023-12-18T00:00:00+00:00", value: "Made public.", }, ], title: "Kernel: cifs filesystem decryption improper input validation remote code execution vulnerability in function receive_encrypted_standard of client", workarounds: [ { lang: "en", value: "To mitigate this issue, prevent module cifs from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.", }, ], x_redhatCweChain: "CWE-191: Integer Underflow (Wrap or Wraparound)", }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2024-0565", datePublished: "2024-01-15T20:02:02.639Z", dateReserved: "2024-01-15T19:19:12.076Z", dateUpdated: "2024-11-15T15:27:39.597Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-39689
Vulnerability from cvelistv5
Published
2024-07-05 18:39
Modified
2025-02-14 23:19
Severity ?
EPSS score ?
Summary
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.5.30 and prior to 2024.7.4 recognized root certificates from `GLOBALTRUST`. Certifi 2024.7.04 removes root certificates from `GLOBALTRUST` from the root store. These are in the process of being removed from Mozilla's trust store. `GLOBALTRUST`'s root certificates are being removed pursuant to an investigation which identified "long-running and unresolved compliance issues."
References
▼ | URL | Tags |
---|---|---|
https://github.com/certifi/python-certifi/security/advisories/GHSA-248v-346w-9cwc | x_refsource_CONFIRM | |
https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463 | x_refsource_MISC | |
https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/XpknYMPO8dI | x_refsource_MISC |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
certifi | python-certifi |
Version: >= 2021.5.30, < 2024.7.4 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-39689", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-05T20:06:09.735041Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-05T20:06:22.343Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-12-06T13:09:31.501Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/certifi/python-certifi/security/advisories/GHSA-248v-346w-9cwc", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/certifi/python-certifi/security/advisories/GHSA-248v-346w-9cwc", }, { name: "https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463", }, { name: "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/XpknYMPO8dI", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/XpknYMPO8dI", }, { url: "https://security.netapp.com/advisory/ntap-20241206-0001/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "python-certifi", vendor: "certifi", versions: [ { status: "affected", version: ">= 2021.5.30, < 2024.7.4", }, ], }, ], descriptions: [ { lang: "en", value: "Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.5.30 and prior to 2024.7.4 recognized root certificates from `GLOBALTRUST`. Certifi 2024.7.04 removes root certificates from `GLOBALTRUST` from the root store. These are in the process of being removed from Mozilla's trust store. `GLOBALTRUST`'s root certificates are being removed pursuant to an investigation which identified \"long-running and unresolved compliance issues.\"", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-345", description: "CWE-345: Insufficient Verification of Data Authenticity", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-14T23:19:13.111Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/certifi/python-certifi/security/advisories/GHSA-248v-346w-9cwc", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/certifi/python-certifi/security/advisories/GHSA-248v-346w-9cwc", }, { name: "https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463", tags: [ "x_refsource_MISC", ], url: "https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463", }, { name: "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/XpknYMPO8dI", tags: [ "x_refsource_MISC", ], url: "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/XpknYMPO8dI", }, ], source: { advisory: "GHSA-248v-346w-9cwc", discovery: "UNKNOWN", }, title: "Certifi removes GLOBALTRUST root certificate", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2024-39689", datePublished: "2024-07-05T18:39:33.202Z", dateReserved: "2024-06-27T18:44:13.035Z", dateUpdated: "2025-02-14T23:19:13.111Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-36054
Vulnerability from cvelistv5
Published
2023-08-07 00:00
Modified
2024-10-11 13:57
Severity ?
EPSS score ?
Summary
lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T16:37:41.270Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://web.mit.edu/kerberos/www/advisories/", }, { tags: [ "x_transferred", ], url: "https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final", }, { tags: [ "x_transferred", ], url: "https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final", }, { tags: [ "x_transferred", ], url: "https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230908-0004/", }, { name: "[debian-lts-announce] 20231022 [SECURITY] [DLA 3626-1] krb5 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-36054", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-11T13:57:00.998054Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-11T13:57:10.192Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-22T22:06:16.416880", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://web.mit.edu/kerberos/www/advisories/", }, { url: "https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final", }, { url: "https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final", }, { url: "https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd", }, { url: "https://security.netapp.com/advisory/ntap-20230908-0004/", }, { name: "[debian-lts-announce] 20231022 [SECURITY] [DLA 3626-1] krb5 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-36054", datePublished: "2023-08-07T00:00:00", dateReserved: "2023-06-21T00:00:00", dateUpdated: "2024-10-11T13:57:10.192Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-13817
Vulnerability from cvelistv5
Published
2020-06-04 12:31
Modified
2024-08-04 12:25
Severity ?
EPSS score ?
Summary
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/202007-12 | vendor-advisory, x_refsource_GENTOO | |
https://www.oracle.com/security-alerts/cpujan2022.html | x_refsource_MISC | |
http://support.ntp.org/bin/view/Main/NtpBug3596 | x_refsource_MISC | |
https://bugs.ntp.org/show_bug.cgi?id=3596 | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20200625-0004/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:25:16.566Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "openSUSE-SU-2020:0934", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html", }, { name: "openSUSE-SU-2020:1007", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html", }, { name: "GLSA-202007-12", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202007-12", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://support.ntp.org/bin/view/Main/NtpBug3596", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ntp.org/show_bug.cgi?id=3596", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200625-0004/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:H/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-07T14:40:21", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "openSUSE-SU-2020:0934", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html", }, { name: "openSUSE-SU-2020:1007", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html", }, { name: "GLSA-202007-12", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202007-12", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_MISC", ], url: "http://support.ntp.org/bin/view/Main/NtpBug3596", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.ntp.org/show_bug.cgi?id=3596", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200625-0004/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-13817", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:H/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "openSUSE-SU-2020:0934", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html", }, { name: "openSUSE-SU-2020:1007", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html", }, { name: "GLSA-202007-12", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202007-12", }, { name: "https://www.oracle.com/security-alerts/cpujan2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { name: "http://support.ntp.org/bin/view/Main/NtpBug3596", refsource: "MISC", url: "http://support.ntp.org/bin/view/Main/NtpBug3596", }, { name: "https://bugs.ntp.org/show_bug.cgi?id=3596", refsource: "MISC", url: "https://bugs.ntp.org/show_bug.cgi?id=3596", }, { name: "https://security.netapp.com/advisory/ntap-20200625-0004/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200625-0004/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-13817", datePublished: "2020-06-04T12:31:55", dateReserved: "2020-06-04T00:00:00", dateUpdated: "2024-08-04T12:25:16.566Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-3156
Vulnerability from cvelistv5
Published
2021-01-26 00:00
Modified
2025-02-03 16:17
Severity ?
EPSS score ?
Summary
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:45:51.408Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[debian-lts-announce] 20210126 [SECURITY] [DLA 2534-1] sudo security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html", }, { name: "20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2021/Jan/79", }, { name: "[oss-security] 20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/01/26/3", }, { name: "GLSA-202101-33", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202101-33", }, { name: "DSA-4839", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4839", }, { name: "FEDORA-2021-2cb63d912a", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/", }, { name: "FEDORA-2021-8840cbdccd", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/", }, { name: "[oss-security] 20210127 Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/01/27/1", }, { name: "[oss-security] 20210127 Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/01/27/2", }, { name: "20210129 Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021", tags: [ "vendor-advisory", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM", }, { name: "VU#794544", tags: [ "third-party-advisory", "x_transferred", ], url: "https://www.kb.cert.org/vuls/id/794544", }, { name: "20210211 APPLE-SA-2021-02-09-1 macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2021/Feb/42", }, { name: "[oss-security] 20210215 Re: sudo: Ineffective NO_ROOT_MAILER and Baron Samedit", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/02/15/1", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_transferred", ], url: "https://www.sudo.ws/stable.html#1.9.5p2", }, { tags: [ "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2021/01/26/3", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210128-0002/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210128-0001/", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT212177", }, { tags: [ "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10348", }, { tags: [ "x_transferred", ], url: "https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability", }, { tags: [ "x_transferred", ], url: "https://www.synology.com/security/advisory/Synology_SA_21_02", }, { name: "[oss-security] 20210914 Re: Oracle Solaris membership in the distros list", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/09/14/2", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "[oss-security] 20240130 Re: CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/01/30/8", }, { name: "[oss-security] 20240130 CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/01/30/6", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html", }, { name: "20240204 CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2024/Feb/3", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2021-3156", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-03T15:43:52.658146Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2022-04-06", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-3156", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-193", description: "CWE-193 Off-by-one Error", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-03T16:17:09.060Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via \"sudoedit -s\" and a command-line argument that ends with a single backslash character.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-18T16:41:27.031Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[debian-lts-announce] 20210126 [SECURITY] [DLA 2534-1] sudo security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html", }, { name: "20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2021/Jan/79", }, { name: "[oss-security] 20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/01/26/3", }, { name: "GLSA-202101-33", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202101-33", }, { name: "DSA-4839", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-4839", }, { name: "FEDORA-2021-2cb63d912a", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/", }, { name: "FEDORA-2021-8840cbdccd", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/", }, { name: "[oss-security] 20210127 Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/01/27/1", }, { name: "[oss-security] 20210127 Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/01/27/2", }, { name: "20210129 Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021", tags: [ "vendor-advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM", }, { name: "VU#794544", tags: [ "third-party-advisory", ], url: "https://www.kb.cert.org/vuls/id/794544", }, { name: "20210211 APPLE-SA-2021-02-09-1 macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2021/Feb/42", }, { name: "[oss-security] 20210215 Re: sudo: Ineffective NO_ROOT_MAILER and Baron Samedit", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/02/15/1", }, { url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { url: "https://www.sudo.ws/stable.html#1.9.5p2", }, { url: "https://www.openwall.com/lists/oss-security/2021/01/26/3", }, { url: "http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html", }, { url: "https://security.netapp.com/advisory/ntap-20210128-0002/", }, { url: "https://security.netapp.com/advisory/ntap-20210128-0001/", }, { url: "http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html", }, { url: "http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html", }, { url: "http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html", }, { url: "https://support.apple.com/kb/HT212177", }, { url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10348", }, { url: "https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability", }, { url: "https://www.synology.com/security/advisory/Synology_SA_21_02", }, { name: "[oss-security] 20210914 Re: Oracle Solaris membership in the distros list", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/09/14/2", }, { url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "[oss-security] 20240130 Re: CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2024/01/30/8", }, { name: "[oss-security] 20240130 CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2024/01/30/6", }, { url: "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html", }, { name: "20240204 CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2024/Feb/3", }, { url: "https://www.vicarius.io/vsociety/posts/sudoedit-pwned-cve-2021-3156", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-3156", datePublished: "2021-01-26T00:00:00.000Z", dateReserved: "2021-01-15T00:00:00.000Z", dateUpdated: "2025-02-03T16:17:09.060Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-28165
Vulnerability from cvelistv5
Published
2021-04-01 14:20
Modified
2024-08-03 21:40
Severity ?
EPSS score ?
Summary
In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
The Eclipse Foundation | Eclipse Jetty |
Version: 7.2.2 < unspecified Version: unspecified < Version: 10.0.0.alpha0 < unspecified Version: unspecified < Version: 11.0.0.alpha0 < unspecified Version: unspecified < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:40:12.085Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-26vr-8j45-3r4w", }, { name: "[zookeeper-issues] 20210407 [jira] [Updated] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.39 CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r17e26cf9a1e3cbc09522d15ece5d7c7a00cdced7641b92a22a783287%40%3Cissues.zookeeper.apache.org%3E", }, { name: "[zookeeper-issues] 20210407 [jira] [Assigned] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.39 CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r5f172f2dd8fb02f032ef4437218fd4f610605a3dd4f2a024c1e43b94%40%3Cissues.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] nkalmar opened a new pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/ra210e38ae0bf615084390b26ba01bb5d66c0a76f232277446ae0948a%40%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-issues] 20210407 [jira] [Updated] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.38 CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/re577736ca7da51952c910b345a500b7676ea9931c9b19709b87f292b%40%3Cissues.zookeeper.apache.org%3E", }, { name: "[zookeeper-issues] 20210407 [jira] [Created] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.39 CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rbcd7b477df55857bb6cae21fcc4404683ac98aac1a47551f0dc55486%40%3Cissues.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] nkalmar commented on pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r9db72e9c33b93eba45a214af588f1d553839b5c3080fc913854a49ab%40%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-dev] 20210407 [jira] [Created] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.39 CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/re6614b4fe7dbb945409daadb9e1cc73c02383df68bf9334736107a6e%40%3Cdev.zookeeper.apache.org%3E", }, { name: "[zookeeper-dev] 20210407 Re: [VOTE] Apache ZooKeeper release 3.6.3 candidate 1", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r56e5568ac73daedcb3b5affbb4b908999f03d3c1b1ada3920b01e959%40%3Cdev.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] nkalmar opened a new pull request #1676: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/ra21b3e6bd9669377139fe33fb46edf6fece3f31375bc42a0dcc964b2%40%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] nkalmar edited a comment on pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rbba0b02a3287e34af328070dd58f7828612f96e2e64992137f4dc63d%40%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] arshadmohammad commented on pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rf99f9a25ca24fe519c9346388f61b5b3a09be31b800bf37f01473ad7%40%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-commits] 20210407 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rdf4fe435891e8c35e70ea5da033b4c3da78760f15a8c4212fad89d9f%40%3Ccommits.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] arshadmohammad closed pull request #1676: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rb11a13e623218c70b9f2a2d0d122fdaaf905e04a2edcd23761894464%40%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-commits] 20210407 [zookeeper] branch branch-3.7 updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r7bf7004c18c914fae3d5a6a0191d477e5b6408d95669b3afbf6efa36%40%3Ccommits.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] asfgit closed pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/ra9dd15ba8a4fb7e42c7fe948a6d6b3868fd6bbf8e3fb37fcf33b2cd0%40%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] arshadmohammad commented on pull request #1676: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r002258611ed0c35b82b839d284b43db9dcdec120db8afc1c993137dc%40%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-commits] 20210407 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r0a241b0649beef90d422b42a26a2470d336e59e66970eafd54f9c3e2%40%3Ccommits.zookeeper.apache.org%3E", }, { name: "[zookeeper-commits] 20210407 [zookeeper] branch branch-3.6.3 updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rc907ed7b089828364437de5ed57fa062330970dc1bc5cd214b711f77%40%3Ccommits.zookeeper.apache.org%3E", }, { name: "[zookeeper-commits] 20210407 [zookeeper] branch master updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r33eb3889ca0aa12720355e64fc2f8f1e8c0c28a4d55b3b4b8891becb%40%3Ccommits.zookeeper.apache.org%3E", }, { name: "[hbase-dev] 20210407 [jira] [Created] (HBASE-25746) [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r4abbd760d24bab2b8f1294c5c9216ae915100099c4391ad64e9ae38b%40%3Cdev.hbase.apache.org%3E", }, { name: "[hbase-issues] 20210407 [GitHub] [hbase-thirdparty] apurtell opened a new pull request #49: HBASE-25746 [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/ra50519652b0b7f869a14fbfb4be9758a29171d7fe561bb7e036e8449%40%3Cissues.hbase.apache.org%3E", }, { name: "[hbase-issues] 20210407 [GitHub] [hbase-thirdparty] Apache-HBase commented on pull request #49: HBASE-25746 [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rdbf2a2cd1800540ae50dd78b57411229223a6172117d62b8e57596aa%40%3Cissues.hbase.apache.org%3E", }, { name: "[hbase-issues] 20210407 [jira] [Created] (HBASE-25746) [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rbab9e67ec97591d063905bc7d4743e6a673f1bc457975fc0445ac97f%40%3Cissues.hbase.apache.org%3E", }, { name: "[hbase-issues] 20210407 [jira] [Updated] (HBASE-25746) [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r0f02034a33076fd7243cf3a8807d2766e373f5cb2e7fd0c9a78f97c4%40%3Cissues.hbase.apache.org%3E", }, { name: "[spark-issues] 20210408 [jira] [Created] (SPARK-34988) Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r03ca0b69db1e3e5f72fe484b71370d537cd711cbf334e2913332730a%40%3Cissues.spark.apache.org%3E", }, { name: "[spark-issues] 20210408 [jira] [Commented] (SPARK-34988) Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r83453ec252af729996476e5839d0b28f07294959d60fea1bd76f7d81%40%3Cissues.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA commented on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r5d1f16dca2e010193840068f1a1ec17b7015e91acc646607cbc0a4da%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] sarutak opened a new pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r940f15db77a96f6aea92d830bc94d8d95f26cc593394d144755824da%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-issues] 20210408 [jira] [Updated] (SPARK-34988) Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r7c40fb3a66a39b6e6c83b0454bc6917ffe6c69e3131322be9c07a1da%40%3Cissues.spark.apache.org%3E", }, { name: "[spark-issues] 20210408 [jira] [Assigned] (SPARK-34988) Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r942f4a903d0abb25ac75c592e57df98dea51350e8589269a72fd7913%40%3Cissues.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins removed a comment on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rf6de4c249bd74007f5f66f683c110535f46e719d2f83a41e8faf295f%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins commented on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rb8f5a6ded384eb00608e6137e87110e7dd7d5054cc34561cb89b81af%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] sarutak opened a new pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/re3a1617d16a7367f767b8209b2151f4c19958196354b39568c532f26%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] HyukjinKwon commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r2f2d9c3b7cc750a6763d6388bcf5db0c7b467bd8be6ac4d6aea4f0cf%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] sarutak opened a new pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r0cd1a5e3f4ad4770b44f8aa96572fc09d5b35bec149c0cc247579c42%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] sarutak commented on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rdfe5f1c071ba9dadba18d7fb0ff13ea6ecb33da624250c559999eaeb%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA commented on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r9b793db9f395b546e66fb9c44fe1cd75c7755029e944dfee31b8b779%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-issues] 20210408 [jira] [Resolved] (SPARK-34988) Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r9fae5a4087d9ed1c9d4f0c7493b6981a4741cfb4bebb2416da638424%40%3Cissues.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r769155244ca2da2948a44091bb3bb9a56e7e1c71ecc720b8ecf281f0%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] MaxGekk commented on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rfd3ff6e66b6bbcfb2fefa9f5a20328937c0369b2e142e3e1c6774743%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] MaxGekk closed pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rb66ed0b4bb74836add60dd5ddf9172016380b2aeefb7f96fe348537b%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rc6c43c3180c0efe00497c73dd374cd34b62036cb67987ad42c1f2dce%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] sarutak opened a new pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r31f591a0deac927ede8ccc3eac4bb92697ee2361bf01549f9e3440ca%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rae8bbc5a516f3e21b8a55e61ff6ad0ced03bdbd116d2170a3eed9f5c%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins removed a comment on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rbd9a837a18ca57ac0d9b4165a6eec95ee132f55d025666fe41099f33%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins removed a comment on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/raea6e820644e8c5a577f77d4e2044f8ab52183c2536b00c56738beef%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins commented on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rb1624b9777a3070135e94331a428c6653a6a1edccd56fa9fb7a547f2%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA removed a comment on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/ree1895a256a9db951e0d97a76222909c2e1f28c1a3d89933173deed6%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rd6c1eb9a8a94b3ac8a525d74d792924e8469f201b77e1afcf774e7a6%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins removed a comment on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rb2d34abb67cdf525945fe4b821c5cdbca29a78d586ae1f9f505a311c%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA removed a comment on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rb00345f6b1620b553d2cc1acaf3017aa75cea3776b911e024fa3b187%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA removed a comment on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r05db8e0ef01e1280cc7543575ae0fa1c2b4d06a8b928916ef65dd2ad%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA removed a comment on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r71031d0acb1de55c9ab32f4750c50ce2f28543252e887ca03bd5621e%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] srowen commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r06d54a297cb8217c66e5190912a955fb870ba47da164002bf2baffe5%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] srowen closed pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rdde34d53aa80193cda016272d61e6749f8a9044ccb37a30768938f7e%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] dongjoon-hyun edited a comment on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r411d75dc6bcefadaaea246549dd18e8d391a880ddf28a796f09ce152%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-commits] 20210408 [spark] branch branch-3.0 updated: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r2afc72af069a7fe89ca2de847f3ab3971cb1d668a9497c999946cd78%40%3Ccommits.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] dongjoon-hyun closed pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r0a4797ba6ceea8074f47574a4f3cc11493d514c1fab8203ebd212add%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] srowen closed pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r23785214d47673b811ef119ca3a40f729801865ea1e891572d15faa6%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] viirya commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rf1b02dfccd27b8bbc3afd119b212452fa32e9ed7d506be9357a3a7ec%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] dongjoon-hyun commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r47a7542ab61da865fff3db0fe74bfe76c89a37b6e6d2c2a423f8baee%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] srowen commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r72bf813ed4737196ea3ed26494e949577be587fd5939fe8be09907c7%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] srowen commented on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r746434be6abff9ad321ff54ecae09e1f09c1c7c139021f40a5774090%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] dongjoon-hyun commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r6ce2907b2691c025250ba010bc797677ef78d5994d08507a2e5477c9%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-commits] 20210408 [spark] branch branch-2.4 updated: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rd24d8a059233167b4a5aebda4b3534ca1d86caa8a85b10a73403ee97%40%3Ccommits.spark.apache.org%3E", }, { name: "[hbase-issues] 20210408 [GitHub] [hbase-thirdparty] apurtell merged pull request #49: HBASE-25746 [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r7189bf41cb0c483629917a01cf296f9fbdbda3987084595192e3845d%40%3Cissues.hbase.apache.org%3E", }, { name: "[hbase-issues] 20210408 [jira] [Updated] (HBASE-25746) [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r4891d45625cc522fe0eb764ac50d48bcca9c0db4805ea4a998d4c225%40%3Cissues.hbase.apache.org%3E", }, { name: "[hbase-commits] 20210408 [hbase-thirdparty] branch master updated: HBASE-25746 [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165 (#49)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/re0545ecced2d468c94ce4dcfa37d40a9573cc68ef5f6839ffca9c1c1%40%3Ccommits.hbase.apache.org%3E", }, { name: "[pulsar-commits] 20210409 [GitHub] [pulsar] dinghram opened a new pull request #10183: CVE-2021-28165-Jetty", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r520c56519b8820955a86966f499e7a0afcbcf669d6f7da59ef1eb155%40%3Ccommits.pulsar.apache.org%3E", }, { name: "[pulsar-commits] 20210409 [GitHub] [pulsar] merlimat commented on pull request #10183: CVE-2021-28165-Jetty", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rfc9f51b4e21022b3cd6cb6f90791a6a6999560212e519b5f09db0aed%40%3Ccommits.pulsar.apache.org%3E", }, { name: "[kafka-jira] 20210412 [jira] [Created] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r65daad30d13f7c56eb5c3d7733ad8dddbf62c469175410777a78d812%40%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-dev] 20210412 [jira] [Created] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r6535b2beddf0ed2d263ab64ff365a5f790df135a1a2f45786417adb7%40%3Cdev.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210412 [jira] [Updated] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rc4779abc1cface47e956cf9f8910f15d79c24477e7b1ac9be076a825%40%3Cjira.kafka.apache.org%3E", }, { name: "[pulsar-commits] 20210412 [GitHub] [pulsar] jiazhai closed pull request #10183: CVE-2021-28165-Jetty", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rcdea97f4d3233298296aabc103c9fcefbf629425418c2b69bb16745f%40%3Ccommits.pulsar.apache.org%3E", }, { name: "[pulsar-commits] 20210412 [GitHub] [pulsar] jiazhai commented on pull request #10183: CVE-2021-28165-Jetty", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r90327f55db8f1d079f9a724aabf1f5eb3c00c1de49dc7fd04cad1ebc%40%3Ccommits.pulsar.apache.org%3E", }, { name: "[kafka-jira] 20210412 [GitHub] [kafka] dongjinleekr opened a new pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r780c3c210a05c5bf7b4671303f46afc3fe56758e92864e1a5f0590d0%40%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210412 [jira] [Assigned] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r0bf3aa065abd23960fc8bdc8090d6bc00d5e391cf94ec4e1f4537ae3%40%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210412 [GitHub] [kafka] dongjinleekr commented on pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r077b76cafb61520c14c87c4fc76419ed664002da0ddac5ad851ae7e7%40%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210413 [jira] [Resolved] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rd755dfe5f658c42704540ad7950cebd136739089c3231658e398cf38%40%3Cjira.kafka.apache.org%3E", }, { name: "[ignite-issues] 20210413 [jira] [Created] (IGNITE-14527) CVE-2021-2816[3,4,5] in Jetty", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r5b3693da7ecb8a75c0e930b4ca26a5f97aa0207d9dae4aa8cc65fe6b%40%3Cissues.ignite.apache.org%3E", }, { name: "[kafka-jira] 20210413 [GitHub] [kafka] chia7712 merged pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r6f256a1d15505f79f4050a69bb8f27b34cb353604dd2f765c9da5df7%40%3Cjira.kafka.apache.org%3E", }, { name: "[ignite-dev] 20210413 [jira] [Created] (IGNITE-14527) CVE-2021-2816[3,4,5] in Jetty", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rd7c8fb305a8637480dc943ba08424c8992dccad018cd1405eb2afe0e%40%3Cdev.ignite.apache.org%3E", }, { name: "[kafka-jira] 20210413 [jira] [Updated] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rc4dbc9907b0bdd634200ac90a15283d9c143c11af66e7ec72128d020%40%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-dev] 20210413 [jira] [Resolved] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r694e57d74fcaa48818a03c282aecfa13ae68340c798dfcb55cb7acc7%40%3Cdev.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210413 [GitHub] [kafka] chia7712 commented on pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rd9ea411a58925cc82c32e15f541ead23cb25b4b2d57a2bdb0341536e%40%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210413 [GitHub] [kafka] edwin092 commented on pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r6b070441871a4e6ce8bb63e190c879bb60da7c5e15023de29ebd4f9f%40%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210413 [GitHub] [kafka] dongjinleekr commented on pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r81748d56923882543f5be456043c67daef84d631cf54899082058ef1%40%3Cjira.kafka.apache.org%3E", }, { name: "[solr-issues] 20210414 [jira] [Updated] (SOLR-15338) High security vulnerability in Jetty library CVE-2021-28163 (+5) bundled within Solr", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r0841b06b48324cfc81325de3c05a92e53f997185f9d71ff47734d961%40%3Cissues.solr.apache.org%3E", }, { name: "[oss-security] 20210420 Vulnerability in Jenkins", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/04/20/3", }, { name: "[ignite-issues] 20210426 [jira] [Updated] (IGNITE-14527) CVE-2021-2816[3,4,5] in Jetty", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r6ac9e263129328c0db9940d72b4a6062e703c58918dd34bd22cdf8dd%40%3Cissues.ignite.apache.org%3E", }, { name: "[ignite-issues] 20210426 [jira] [Commented] (IGNITE-14527) CVE-2021-2816[3,4,5] in Jetty", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r4a66bfbf62281e31bc1345ebecbfd96f35199eecd77bfe4e903e906f%40%3Cissues.ignite.apache.org%3E", }, { name: "[ignite-issues] 20210426 [jira] [Updated] (IGNITE-14527) Upgrade Jetty version to fix CVE-2021-2816[3,4,5] in Jetty", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r4b1fef117bccc7f5fd4c45fd2cabc26838df823fe5ca94bc42a4fd46%40%3Cissues.ignite.apache.org%3E", }, { name: "[solr-issues] 20210507 [jira] [Updated] (SOLR-15338) High security vulnerability in Jetty library CVE-2021-28163 (+5) bundled within Solr", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r111f1ce28b133a8090ca4f809a1bdf18a777426fc058dc3a16c39c66%40%3Cissues.solr.apache.org%3E", }, { name: "[spark-reviews] 20210517 [GitHub] [spark] jeffreysmooth commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r401b1c592f295b811608010a70792b11c91885b72af9f9410cffbe35%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210517 [GitHub] [spark] dongjoon-hyun commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r64ff94118f6c80e6c085c6e2d51bbb490eaefad0642db8c936e4f0b7%40%3Creviews.spark.apache.org%3E", }, { name: "[solr-issues] 20210623 [jira] [Updated] (SOLR-15338) High security vulnerability in Jetty library CVE-2021-28163 (+5) bundled within Solr", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r2ea2f0541121f17e470a0184843720046c59d4bde6d42bf5ca6fad81%40%3Cissues.solr.apache.org%3E", }, { name: "[solr-issues] 20210711 [jira] [Created] (SOLR-15529) High security vulnerability in JDOM library bundled within Solr 8.9 CVE-2021-33813", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r9974f64723875052e02787b2a5eda689ac5247c71b827d455e5dc9a6%40%3Cissues.solr.apache.org%3E", }, { name: "[solr-issues] 20210711 [jira] [Updated] (SOLR-15529) High security vulnerability in JDOM library bundled within Solr 8.9 CVE-2021-33813", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rbc075a4ac85e7a8e47420b7383f16ffa0af3b792b8423584735f369f%40%3Cissues.solr.apache.org%3E", }, { name: "[kafka-jira] 20210715 [jira] [Commented] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r40136c2010fccf4fb2818a965e5d7ecca470e5f525c232ec5b8eb83a%40%3Cjira.kafka.apache.org%3E", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210611-0006/", }, { name: "DSA-4949", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4949", }, { name: "[solr-issues] 20210813 [jira] [Resolved] (SOLR-15338) High security vulnerability in Jetty library CVE-2021-28163 (+5) bundled within Solr", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rd0471252aeb3384c3cfa6d131374646d4641b80dd313e7b476c47a9c%40%3Cissues.solr.apache.org%3E", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Eclipse Jetty", vendor: "The Eclipse Foundation", versions: [ { lessThan: "unspecified", status: "affected", version: "7.2.2", versionType: "custom", }, { lessThanOrEqual: "9.4.38", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "unspecified", status: "affected", version: "10.0.0.alpha0", versionType: "custom", }, { lessThanOrEqual: "10.0.1", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "unspecified", status: "affected", version: "11.0.0.alpha0", versionType: "custom", }, { lessThanOrEqual: "11.0.1", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-551", description: "CWE-551", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-19T23:54:20", orgId: "e51fbebd-6053-4e49-959f-1b94eeb69a2c", shortName: "eclipse", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-26vr-8j45-3r4w", }, { name: "[zookeeper-issues] 20210407 [jira] [Updated] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.39 CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r17e26cf9a1e3cbc09522d15ece5d7c7a00cdced7641b92a22a783287%40%3Cissues.zookeeper.apache.org%3E", }, { name: "[zookeeper-issues] 20210407 [jira] [Assigned] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.39 CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r5f172f2dd8fb02f032ef4437218fd4f610605a3dd4f2a024c1e43b94%40%3Cissues.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] nkalmar opened a new pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/ra210e38ae0bf615084390b26ba01bb5d66c0a76f232277446ae0948a%40%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-issues] 20210407 [jira] [Updated] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.38 CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/re577736ca7da51952c910b345a500b7676ea9931c9b19709b87f292b%40%3Cissues.zookeeper.apache.org%3E", }, { name: "[zookeeper-issues] 20210407 [jira] [Created] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.39 CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rbcd7b477df55857bb6cae21fcc4404683ac98aac1a47551f0dc55486%40%3Cissues.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] nkalmar commented on pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r9db72e9c33b93eba45a214af588f1d553839b5c3080fc913854a49ab%40%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-dev] 20210407 [jira] [Created] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.39 CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/re6614b4fe7dbb945409daadb9e1cc73c02383df68bf9334736107a6e%40%3Cdev.zookeeper.apache.org%3E", }, { name: "[zookeeper-dev] 20210407 Re: [VOTE] Apache ZooKeeper release 3.6.3 candidate 1", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r56e5568ac73daedcb3b5affbb4b908999f03d3c1b1ada3920b01e959%40%3Cdev.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] nkalmar opened a new pull request #1676: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/ra21b3e6bd9669377139fe33fb46edf6fece3f31375bc42a0dcc964b2%40%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] nkalmar edited a comment on pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rbba0b02a3287e34af328070dd58f7828612f96e2e64992137f4dc63d%40%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] arshadmohammad commented on pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rf99f9a25ca24fe519c9346388f61b5b3a09be31b800bf37f01473ad7%40%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-commits] 20210407 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rdf4fe435891e8c35e70ea5da033b4c3da78760f15a8c4212fad89d9f%40%3Ccommits.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] arshadmohammad closed pull request #1676: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rb11a13e623218c70b9f2a2d0d122fdaaf905e04a2edcd23761894464%40%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-commits] 20210407 [zookeeper] branch branch-3.7 updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r7bf7004c18c914fae3d5a6a0191d477e5b6408d95669b3afbf6efa36%40%3Ccommits.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] asfgit closed pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/ra9dd15ba8a4fb7e42c7fe948a6d6b3868fd6bbf8e3fb37fcf33b2cd0%40%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] arshadmohammad commented on pull request #1676: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r002258611ed0c35b82b839d284b43db9dcdec120db8afc1c993137dc%40%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-commits] 20210407 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r0a241b0649beef90d422b42a26a2470d336e59e66970eafd54f9c3e2%40%3Ccommits.zookeeper.apache.org%3E", }, { name: "[zookeeper-commits] 20210407 [zookeeper] branch branch-3.6.3 updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rc907ed7b089828364437de5ed57fa062330970dc1bc5cd214b711f77%40%3Ccommits.zookeeper.apache.org%3E", }, { name: "[zookeeper-commits] 20210407 [zookeeper] branch master updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r33eb3889ca0aa12720355e64fc2f8f1e8c0c28a4d55b3b4b8891becb%40%3Ccommits.zookeeper.apache.org%3E", }, { name: "[hbase-dev] 20210407 [jira] [Created] (HBASE-25746) [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r4abbd760d24bab2b8f1294c5c9216ae915100099c4391ad64e9ae38b%40%3Cdev.hbase.apache.org%3E", }, { name: "[hbase-issues] 20210407 [GitHub] [hbase-thirdparty] apurtell opened a new pull request #49: HBASE-25746 [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/ra50519652b0b7f869a14fbfb4be9758a29171d7fe561bb7e036e8449%40%3Cissues.hbase.apache.org%3E", }, { name: "[hbase-issues] 20210407 [GitHub] [hbase-thirdparty] Apache-HBase commented on pull request #49: HBASE-25746 [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rdbf2a2cd1800540ae50dd78b57411229223a6172117d62b8e57596aa%40%3Cissues.hbase.apache.org%3E", }, { name: "[hbase-issues] 20210407 [jira] [Created] (HBASE-25746) [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rbab9e67ec97591d063905bc7d4743e6a673f1bc457975fc0445ac97f%40%3Cissues.hbase.apache.org%3E", }, { name: "[hbase-issues] 20210407 [jira] [Updated] (HBASE-25746) [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r0f02034a33076fd7243cf3a8807d2766e373f5cb2e7fd0c9a78f97c4%40%3Cissues.hbase.apache.org%3E", }, { name: "[spark-issues] 20210408 [jira] [Created] (SPARK-34988) Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r03ca0b69db1e3e5f72fe484b71370d537cd711cbf334e2913332730a%40%3Cissues.spark.apache.org%3E", }, { name: "[spark-issues] 20210408 [jira] [Commented] (SPARK-34988) Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r83453ec252af729996476e5839d0b28f07294959d60fea1bd76f7d81%40%3Cissues.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA commented on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r5d1f16dca2e010193840068f1a1ec17b7015e91acc646607cbc0a4da%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] sarutak opened a new pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r940f15db77a96f6aea92d830bc94d8d95f26cc593394d144755824da%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-issues] 20210408 [jira] [Updated] (SPARK-34988) Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r7c40fb3a66a39b6e6c83b0454bc6917ffe6c69e3131322be9c07a1da%40%3Cissues.spark.apache.org%3E", }, { name: "[spark-issues] 20210408 [jira] [Assigned] (SPARK-34988) Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r942f4a903d0abb25ac75c592e57df98dea51350e8589269a72fd7913%40%3Cissues.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins removed a comment on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rf6de4c249bd74007f5f66f683c110535f46e719d2f83a41e8faf295f%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins commented on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rb8f5a6ded384eb00608e6137e87110e7dd7d5054cc34561cb89b81af%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] sarutak opened a new pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/re3a1617d16a7367f767b8209b2151f4c19958196354b39568c532f26%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] HyukjinKwon commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r2f2d9c3b7cc750a6763d6388bcf5db0c7b467bd8be6ac4d6aea4f0cf%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] sarutak opened a new pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r0cd1a5e3f4ad4770b44f8aa96572fc09d5b35bec149c0cc247579c42%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] sarutak commented on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rdfe5f1c071ba9dadba18d7fb0ff13ea6ecb33da624250c559999eaeb%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA commented on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r9b793db9f395b546e66fb9c44fe1cd75c7755029e944dfee31b8b779%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-issues] 20210408 [jira] [Resolved] (SPARK-34988) Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r9fae5a4087d9ed1c9d4f0c7493b6981a4741cfb4bebb2416da638424%40%3Cissues.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r769155244ca2da2948a44091bb3bb9a56e7e1c71ecc720b8ecf281f0%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] MaxGekk commented on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rfd3ff6e66b6bbcfb2fefa9f5a20328937c0369b2e142e3e1c6774743%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] MaxGekk closed pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rb66ed0b4bb74836add60dd5ddf9172016380b2aeefb7f96fe348537b%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rc6c43c3180c0efe00497c73dd374cd34b62036cb67987ad42c1f2dce%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] sarutak opened a new pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r31f591a0deac927ede8ccc3eac4bb92697ee2361bf01549f9e3440ca%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rae8bbc5a516f3e21b8a55e61ff6ad0ced03bdbd116d2170a3eed9f5c%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins removed a comment on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rbd9a837a18ca57ac0d9b4165a6eec95ee132f55d025666fe41099f33%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins removed a comment on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/raea6e820644e8c5a577f77d4e2044f8ab52183c2536b00c56738beef%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins commented on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rb1624b9777a3070135e94331a428c6653a6a1edccd56fa9fb7a547f2%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA removed a comment on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/ree1895a256a9db951e0d97a76222909c2e1f28c1a3d89933173deed6%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rd6c1eb9a8a94b3ac8a525d74d792924e8469f201b77e1afcf774e7a6%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins removed a comment on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rb2d34abb67cdf525945fe4b821c5cdbca29a78d586ae1f9f505a311c%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA removed a comment on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rb00345f6b1620b553d2cc1acaf3017aa75cea3776b911e024fa3b187%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA removed a comment on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r05db8e0ef01e1280cc7543575ae0fa1c2b4d06a8b928916ef65dd2ad%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA removed a comment on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r71031d0acb1de55c9ab32f4750c50ce2f28543252e887ca03bd5621e%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] srowen commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r06d54a297cb8217c66e5190912a955fb870ba47da164002bf2baffe5%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] srowen closed pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rdde34d53aa80193cda016272d61e6749f8a9044ccb37a30768938f7e%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] dongjoon-hyun edited a comment on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r411d75dc6bcefadaaea246549dd18e8d391a880ddf28a796f09ce152%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-commits] 20210408 [spark] branch branch-3.0 updated: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r2afc72af069a7fe89ca2de847f3ab3971cb1d668a9497c999946cd78%40%3Ccommits.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] dongjoon-hyun closed pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r0a4797ba6ceea8074f47574a4f3cc11493d514c1fab8203ebd212add%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] srowen closed pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r23785214d47673b811ef119ca3a40f729801865ea1e891572d15faa6%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] viirya commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rf1b02dfccd27b8bbc3afd119b212452fa32e9ed7d506be9357a3a7ec%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] dongjoon-hyun commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r47a7542ab61da865fff3db0fe74bfe76c89a37b6e6d2c2a423f8baee%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] srowen commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r72bf813ed4737196ea3ed26494e949577be587fd5939fe8be09907c7%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] srowen commented on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r746434be6abff9ad321ff54ecae09e1f09c1c7c139021f40a5774090%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] dongjoon-hyun commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r6ce2907b2691c025250ba010bc797677ef78d5994d08507a2e5477c9%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-commits] 20210408 [spark] branch branch-2.4 updated: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rd24d8a059233167b4a5aebda4b3534ca1d86caa8a85b10a73403ee97%40%3Ccommits.spark.apache.org%3E", }, { name: "[hbase-issues] 20210408 [GitHub] [hbase-thirdparty] apurtell merged pull request #49: HBASE-25746 [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r7189bf41cb0c483629917a01cf296f9fbdbda3987084595192e3845d%40%3Cissues.hbase.apache.org%3E", }, { name: "[hbase-issues] 20210408 [jira] [Updated] (HBASE-25746) [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r4891d45625cc522fe0eb764ac50d48bcca9c0db4805ea4a998d4c225%40%3Cissues.hbase.apache.org%3E", }, { name: "[hbase-commits] 20210408 [hbase-thirdparty] branch master updated: HBASE-25746 [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165 (#49)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/re0545ecced2d468c94ce4dcfa37d40a9573cc68ef5f6839ffca9c1c1%40%3Ccommits.hbase.apache.org%3E", }, { name: "[pulsar-commits] 20210409 [GitHub] [pulsar] dinghram opened a new pull request #10183: CVE-2021-28165-Jetty", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r520c56519b8820955a86966f499e7a0afcbcf669d6f7da59ef1eb155%40%3Ccommits.pulsar.apache.org%3E", }, { name: "[pulsar-commits] 20210409 [GitHub] [pulsar] merlimat commented on pull request #10183: CVE-2021-28165-Jetty", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rfc9f51b4e21022b3cd6cb6f90791a6a6999560212e519b5f09db0aed%40%3Ccommits.pulsar.apache.org%3E", }, { name: "[kafka-jira] 20210412 [jira] [Created] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r65daad30d13f7c56eb5c3d7733ad8dddbf62c469175410777a78d812%40%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-dev] 20210412 [jira] [Created] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r6535b2beddf0ed2d263ab64ff365a5f790df135a1a2f45786417adb7%40%3Cdev.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210412 [jira] [Updated] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rc4779abc1cface47e956cf9f8910f15d79c24477e7b1ac9be076a825%40%3Cjira.kafka.apache.org%3E", }, { name: "[pulsar-commits] 20210412 [GitHub] [pulsar] jiazhai closed pull request #10183: CVE-2021-28165-Jetty", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rcdea97f4d3233298296aabc103c9fcefbf629425418c2b69bb16745f%40%3Ccommits.pulsar.apache.org%3E", }, { name: "[pulsar-commits] 20210412 [GitHub] [pulsar] jiazhai commented on pull request #10183: CVE-2021-28165-Jetty", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r90327f55db8f1d079f9a724aabf1f5eb3c00c1de49dc7fd04cad1ebc%40%3Ccommits.pulsar.apache.org%3E", }, { name: "[kafka-jira] 20210412 [GitHub] [kafka] dongjinleekr opened a new pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r780c3c210a05c5bf7b4671303f46afc3fe56758e92864e1a5f0590d0%40%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210412 [jira] [Assigned] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r0bf3aa065abd23960fc8bdc8090d6bc00d5e391cf94ec4e1f4537ae3%40%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210412 [GitHub] [kafka] dongjinleekr commented on pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r077b76cafb61520c14c87c4fc76419ed664002da0ddac5ad851ae7e7%40%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210413 [jira] [Resolved] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rd755dfe5f658c42704540ad7950cebd136739089c3231658e398cf38%40%3Cjira.kafka.apache.org%3E", }, { name: "[ignite-issues] 20210413 [jira] [Created] (IGNITE-14527) CVE-2021-2816[3,4,5] in Jetty", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r5b3693da7ecb8a75c0e930b4ca26a5f97aa0207d9dae4aa8cc65fe6b%40%3Cissues.ignite.apache.org%3E", }, { name: "[kafka-jira] 20210413 [GitHub] [kafka] chia7712 merged pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r6f256a1d15505f79f4050a69bb8f27b34cb353604dd2f765c9da5df7%40%3Cjira.kafka.apache.org%3E", }, { name: "[ignite-dev] 20210413 [jira] [Created] (IGNITE-14527) CVE-2021-2816[3,4,5] in Jetty", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rd7c8fb305a8637480dc943ba08424c8992dccad018cd1405eb2afe0e%40%3Cdev.ignite.apache.org%3E", }, { name: "[kafka-jira] 20210413 [jira] [Updated] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rc4dbc9907b0bdd634200ac90a15283d9c143c11af66e7ec72128d020%40%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-dev] 20210413 [jira] [Resolved] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r694e57d74fcaa48818a03c282aecfa13ae68340c798dfcb55cb7acc7%40%3Cdev.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210413 [GitHub] [kafka] chia7712 commented on pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rd9ea411a58925cc82c32e15f541ead23cb25b4b2d57a2bdb0341536e%40%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210413 [GitHub] [kafka] edwin092 commented on pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r6b070441871a4e6ce8bb63e190c879bb60da7c5e15023de29ebd4f9f%40%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210413 [GitHub] [kafka] dongjinleekr commented on pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r81748d56923882543f5be456043c67daef84d631cf54899082058ef1%40%3Cjira.kafka.apache.org%3E", }, { name: "[solr-issues] 20210414 [jira] [Updated] (SOLR-15338) High security vulnerability in Jetty library CVE-2021-28163 (+5) bundled within Solr", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r0841b06b48324cfc81325de3c05a92e53f997185f9d71ff47734d961%40%3Cissues.solr.apache.org%3E", }, { name: "[oss-security] 20210420 Vulnerability in Jenkins", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2021/04/20/3", }, { name: "[ignite-issues] 20210426 [jira] [Updated] (IGNITE-14527) CVE-2021-2816[3,4,5] in Jetty", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r6ac9e263129328c0db9940d72b4a6062e703c58918dd34bd22cdf8dd%40%3Cissues.ignite.apache.org%3E", }, { name: "[ignite-issues] 20210426 [jira] [Commented] (IGNITE-14527) CVE-2021-2816[3,4,5] in Jetty", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r4a66bfbf62281e31bc1345ebecbfd96f35199eecd77bfe4e903e906f%40%3Cissues.ignite.apache.org%3E", }, { name: "[ignite-issues] 20210426 [jira] [Updated] (IGNITE-14527) Upgrade Jetty version to fix CVE-2021-2816[3,4,5] in Jetty", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r4b1fef117bccc7f5fd4c45fd2cabc26838df823fe5ca94bc42a4fd46%40%3Cissues.ignite.apache.org%3E", }, { name: "[solr-issues] 20210507 [jira] [Updated] (SOLR-15338) High security vulnerability in Jetty library CVE-2021-28163 (+5) bundled within Solr", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r111f1ce28b133a8090ca4f809a1bdf18a777426fc058dc3a16c39c66%40%3Cissues.solr.apache.org%3E", }, { name: "[spark-reviews] 20210517 [GitHub] [spark] jeffreysmooth commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r401b1c592f295b811608010a70792b11c91885b72af9f9410cffbe35%40%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210517 [GitHub] [spark] dongjoon-hyun commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r64ff94118f6c80e6c085c6e2d51bbb490eaefad0642db8c936e4f0b7%40%3Creviews.spark.apache.org%3E", }, { name: "[solr-issues] 20210623 [jira] [Updated] (SOLR-15338) High security vulnerability in Jetty library CVE-2021-28163 (+5) bundled within Solr", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r2ea2f0541121f17e470a0184843720046c59d4bde6d42bf5ca6fad81%40%3Cissues.solr.apache.org%3E", }, { name: "[solr-issues] 20210711 [jira] [Created] (SOLR-15529) High security vulnerability in JDOM library bundled within Solr 8.9 CVE-2021-33813", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r9974f64723875052e02787b2a5eda689ac5247c71b827d455e5dc9a6%40%3Cissues.solr.apache.org%3E", }, { name: "[solr-issues] 20210711 [jira] [Updated] (SOLR-15529) High security vulnerability in JDOM library bundled within Solr 8.9 CVE-2021-33813", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rbc075a4ac85e7a8e47420b7383f16ffa0af3b792b8423584735f369f%40%3Cissues.solr.apache.org%3E", }, { name: "[kafka-jira] 20210715 [jira] [Commented] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r40136c2010fccf4fb2818a965e5d7ecca470e5f525c232ec5b8eb83a%40%3Cjira.kafka.apache.org%3E", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20210611-0006/", }, { name: "DSA-4949", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4949", }, { name: "[solr-issues] 20210813 [jira] [Resolved] (SOLR-15338) High security vulnerability in Jetty library CVE-2021-28163 (+5) bundled within Solr", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rd0471252aeb3384c3cfa6d131374646d4641b80dd313e7b476c47a9c%40%3Cissues.solr.apache.org%3E", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@eclipse.org", ID: "CVE-2021-28165", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Eclipse Jetty", version: { version_data: [ { version_affected: ">=", version_value: "7.2.2", }, { version_affected: "<=", version_value: "9.4.38", }, { version_affected: ">=", version_value: "10.0.0.alpha0", }, { version_affected: "<=", version_value: "10.0.1", }, { version_affected: ">=", version_value: "11.0.0.alpha0", }, { version_affected: "<=", version_value: "11.0.1", }, ], }, }, ], }, vendor_name: "The Eclipse Foundation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.", }, ], }, impact: { cvss: { baseScore: 7.5, vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-400", }, ], }, { description: [ { lang: "eng", value: "CWE-551", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-26vr-8j45-3r4w", refsource: "CONFIRM", url: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-26vr-8j45-3r4w", }, { name: "[zookeeper-issues] 20210407 [jira] [Updated] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.39 CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r17e26cf9a1e3cbc09522d15ece5d7c7a00cdced7641b92a22a783287@%3Cissues.zookeeper.apache.org%3E", }, { name: "[zookeeper-issues] 20210407 [jira] [Assigned] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.39 CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r5f172f2dd8fb02f032ef4437218fd4f610605a3dd4f2a024c1e43b94@%3Cissues.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] nkalmar opened a new pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/ra210e38ae0bf615084390b26ba01bb5d66c0a76f232277446ae0948a@%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-issues] 20210407 [jira] [Updated] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.38 CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/re577736ca7da51952c910b345a500b7676ea9931c9b19709b87f292b@%3Cissues.zookeeper.apache.org%3E", }, { name: "[zookeeper-issues] 20210407 [jira] [Created] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.39 CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rbcd7b477df55857bb6cae21fcc4404683ac98aac1a47551f0dc55486@%3Cissues.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] nkalmar commented on pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r9db72e9c33b93eba45a214af588f1d553839b5c3080fc913854a49ab@%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-dev] 20210407 [jira] [Created] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.39 CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/re6614b4fe7dbb945409daadb9e1cc73c02383df68bf9334736107a6e@%3Cdev.zookeeper.apache.org%3E", }, { name: "[zookeeper-dev] 20210407 Re: [VOTE] Apache ZooKeeper release 3.6.3 candidate 1", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r56e5568ac73daedcb3b5affbb4b908999f03d3c1b1ada3920b01e959@%3Cdev.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] nkalmar opened a new pull request #1676: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/ra21b3e6bd9669377139fe33fb46edf6fece3f31375bc42a0dcc964b2@%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] nkalmar edited a comment on pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rbba0b02a3287e34af328070dd58f7828612f96e2e64992137f4dc63d@%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] arshadmohammad commented on pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rf99f9a25ca24fe519c9346388f61b5b3a09be31b800bf37f01473ad7@%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-commits] 20210407 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rdf4fe435891e8c35e70ea5da033b4c3da78760f15a8c4212fad89d9f@%3Ccommits.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] arshadmohammad closed pull request #1676: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rb11a13e623218c70b9f2a2d0d122fdaaf905e04a2edcd23761894464@%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-commits] 20210407 [zookeeper] branch branch-3.7 updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r7bf7004c18c914fae3d5a6a0191d477e5b6408d95669b3afbf6efa36@%3Ccommits.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] asfgit closed pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/ra9dd15ba8a4fb7e42c7fe948a6d6b3868fd6bbf8e3fb37fcf33b2cd0@%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-notifications] 20210407 [GitHub] [zookeeper] arshadmohammad commented on pull request #1676: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r002258611ed0c35b82b839d284b43db9dcdec120db8afc1c993137dc@%3Cnotifications.zookeeper.apache.org%3E", }, { name: "[zookeeper-commits] 20210407 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r0a241b0649beef90d422b42a26a2470d336e59e66970eafd54f9c3e2@%3Ccommits.zookeeper.apache.org%3E", }, { name: "[zookeeper-commits] 20210407 [zookeeper] branch branch-3.6.3 updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rc907ed7b089828364437de5ed57fa062330970dc1bc5cd214b711f77@%3Ccommits.zookeeper.apache.org%3E", }, { name: "[zookeeper-commits] 20210407 [zookeeper] branch master updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r33eb3889ca0aa12720355e64fc2f8f1e8c0c28a4d55b3b4b8891becb@%3Ccommits.zookeeper.apache.org%3E", }, { name: "[hbase-dev] 20210407 [jira] [Created] (HBASE-25746) [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r4abbd760d24bab2b8f1294c5c9216ae915100099c4391ad64e9ae38b@%3Cdev.hbase.apache.org%3E", }, { name: "[hbase-issues] 20210407 [GitHub] [hbase-thirdparty] apurtell opened a new pull request #49: HBASE-25746 [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/ra50519652b0b7f869a14fbfb4be9758a29171d7fe561bb7e036e8449@%3Cissues.hbase.apache.org%3E", }, { name: "[hbase-issues] 20210407 [GitHub] [hbase-thirdparty] Apache-HBase commented on pull request #49: HBASE-25746 [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rdbf2a2cd1800540ae50dd78b57411229223a6172117d62b8e57596aa@%3Cissues.hbase.apache.org%3E", }, { name: "[hbase-issues] 20210407 [jira] [Created] (HBASE-25746) [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rbab9e67ec97591d063905bc7d4743e6a673f1bc457975fc0445ac97f@%3Cissues.hbase.apache.org%3E", }, { name: "[hbase-issues] 20210407 [jira] [Updated] (HBASE-25746) [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r0f02034a33076fd7243cf3a8807d2766e373f5cb2e7fd0c9a78f97c4@%3Cissues.hbase.apache.org%3E", }, { name: "[spark-issues] 20210408 [jira] [Created] (SPARK-34988) Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r03ca0b69db1e3e5f72fe484b71370d537cd711cbf334e2913332730a@%3Cissues.spark.apache.org%3E", }, { name: "[spark-issues] 20210408 [jira] [Commented] (SPARK-34988) Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r83453ec252af729996476e5839d0b28f07294959d60fea1bd76f7d81@%3Cissues.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA commented on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r5d1f16dca2e010193840068f1a1ec17b7015e91acc646607cbc0a4da@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] sarutak opened a new pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r940f15db77a96f6aea92d830bc94d8d95f26cc593394d144755824da@%3Creviews.spark.apache.org%3E", }, { name: "[spark-issues] 20210408 [jira] [Updated] (SPARK-34988) Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r7c40fb3a66a39b6e6c83b0454bc6917ffe6c69e3131322be9c07a1da@%3Cissues.spark.apache.org%3E", }, { name: "[spark-issues] 20210408 [jira] [Assigned] (SPARK-34988) Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r942f4a903d0abb25ac75c592e57df98dea51350e8589269a72fd7913@%3Cissues.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins removed a comment on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rf6de4c249bd74007f5f66f683c110535f46e719d2f83a41e8faf295f@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins commented on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rb8f5a6ded384eb00608e6137e87110e7dd7d5054cc34561cb89b81af@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] sarutak opened a new pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/re3a1617d16a7367f767b8209b2151f4c19958196354b39568c532f26@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] HyukjinKwon commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r2f2d9c3b7cc750a6763d6388bcf5db0c7b467bd8be6ac4d6aea4f0cf@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] sarutak opened a new pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r0cd1a5e3f4ad4770b44f8aa96572fc09d5b35bec149c0cc247579c42@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] sarutak commented on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rdfe5f1c071ba9dadba18d7fb0ff13ea6ecb33da624250c559999eaeb@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA commented on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r9b793db9f395b546e66fb9c44fe1cd75c7755029e944dfee31b8b779@%3Creviews.spark.apache.org%3E", }, { name: "[spark-issues] 20210408 [jira] [Resolved] (SPARK-34988) Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r9fae5a4087d9ed1c9d4f0c7493b6981a4741cfb4bebb2416da638424@%3Cissues.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r769155244ca2da2948a44091bb3bb9a56e7e1c71ecc720b8ecf281f0@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] MaxGekk commented on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rfd3ff6e66b6bbcfb2fefa9f5a20328937c0369b2e142e3e1c6774743@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] MaxGekk closed pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rb66ed0b4bb74836add60dd5ddf9172016380b2aeefb7f96fe348537b@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rc6c43c3180c0efe00497c73dd374cd34b62036cb67987ad42c1f2dce@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] sarutak opened a new pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r31f591a0deac927ede8ccc3eac4bb92697ee2361bf01549f9e3440ca@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rae8bbc5a516f3e21b8a55e61ff6ad0ced03bdbd116d2170a3eed9f5c@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins removed a comment on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rbd9a837a18ca57ac0d9b4165a6eec95ee132f55d025666fe41099f33@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins removed a comment on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/raea6e820644e8c5a577f77d4e2044f8ab52183c2536b00c56738beef@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins commented on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rb1624b9777a3070135e94331a428c6653a6a1edccd56fa9fb7a547f2@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA removed a comment on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/ree1895a256a9db951e0d97a76222909c2e1f28c1a3d89933173deed6@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rd6c1eb9a8a94b3ac8a525d74d792924e8469f201b77e1afcf774e7a6@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins removed a comment on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rb2d34abb67cdf525945fe4b821c5cdbca29a78d586ae1f9f505a311c@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA removed a comment on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rb00345f6b1620b553d2cc1acaf3017aa75cea3776b911e024fa3b187@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA removed a comment on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r05db8e0ef01e1280cc7543575ae0fa1c2b4d06a8b928916ef65dd2ad@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] SparkQA removed a comment on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r71031d0acb1de55c9ab32f4750c50ce2f28543252e887ca03bd5621e@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] srowen commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r06d54a297cb8217c66e5190912a955fb870ba47da164002bf2baffe5@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] srowen closed pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rdde34d53aa80193cda016272d61e6749f8a9044ccb37a30768938f7e@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] dongjoon-hyun edited a comment on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r411d75dc6bcefadaaea246549dd18e8d391a880ddf28a796f09ce152@%3Creviews.spark.apache.org%3E", }, { name: "[spark-commits] 20210408 [spark] branch branch-3.0 updated: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r2afc72af069a7fe89ca2de847f3ab3971cb1d668a9497c999946cd78@%3Ccommits.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] dongjoon-hyun closed pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r0a4797ba6ceea8074f47574a4f3cc11493d514c1fab8203ebd212add@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] srowen closed pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r23785214d47673b811ef119ca3a40f729801865ea1e891572d15faa6@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] viirya commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rf1b02dfccd27b8bbc3afd119b212452fa32e9ed7d506be9357a3a7ec@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] dongjoon-hyun commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r47a7542ab61da865fff3db0fe74bfe76c89a37b6e6d2c2a423f8baee@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] srowen commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r72bf813ed4737196ea3ed26494e949577be587fd5939fe8be09907c7@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] srowen commented on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r746434be6abff9ad321ff54ecae09e1f09c1c7c139021f40a5774090@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210408 [GitHub] [spark] dongjoon-hyun commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r6ce2907b2691c025250ba010bc797677ef78d5994d08507a2e5477c9@%3Creviews.spark.apache.org%3E", }, { name: "[spark-commits] 20210408 [spark] branch branch-2.4 updated: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rd24d8a059233167b4a5aebda4b3534ca1d86caa8a85b10a73403ee97@%3Ccommits.spark.apache.org%3E", }, { name: "[hbase-issues] 20210408 [GitHub] [hbase-thirdparty] apurtell merged pull request #49: HBASE-25746 [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r7189bf41cb0c483629917a01cf296f9fbdbda3987084595192e3845d@%3Cissues.hbase.apache.org%3E", }, { name: "[hbase-issues] 20210408 [jira] [Updated] (HBASE-25746) [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r4891d45625cc522fe0eb764ac50d48bcca9c0db4805ea4a998d4c225@%3Cissues.hbase.apache.org%3E", }, { name: "[hbase-commits] 20210408 [hbase-thirdparty] branch master updated: HBASE-25746 [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165 (#49)", refsource: "MLIST", url: "https://lists.apache.org/thread.html/re0545ecced2d468c94ce4dcfa37d40a9573cc68ef5f6839ffca9c1c1@%3Ccommits.hbase.apache.org%3E", }, { name: "[pulsar-commits] 20210409 [GitHub] [pulsar] dinghram opened a new pull request #10183: CVE-2021-28165-Jetty", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r520c56519b8820955a86966f499e7a0afcbcf669d6f7da59ef1eb155@%3Ccommits.pulsar.apache.org%3E", }, { name: "[pulsar-commits] 20210409 [GitHub] [pulsar] merlimat commented on pull request #10183: CVE-2021-28165-Jetty", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rfc9f51b4e21022b3cd6cb6f90791a6a6999560212e519b5f09db0aed@%3Ccommits.pulsar.apache.org%3E", }, { name: "[kafka-jira] 20210412 [jira] [Created] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r65daad30d13f7c56eb5c3d7733ad8dddbf62c469175410777a78d812@%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-dev] 20210412 [jira] [Created] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r6535b2beddf0ed2d263ab64ff365a5f790df135a1a2f45786417adb7@%3Cdev.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210412 [jira] [Updated] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rc4779abc1cface47e956cf9f8910f15d79c24477e7b1ac9be076a825@%3Cjira.kafka.apache.org%3E", }, { name: "[pulsar-commits] 20210412 [GitHub] [pulsar] jiazhai closed pull request #10183: CVE-2021-28165-Jetty", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rcdea97f4d3233298296aabc103c9fcefbf629425418c2b69bb16745f@%3Ccommits.pulsar.apache.org%3E", }, { name: "[pulsar-commits] 20210412 [GitHub] [pulsar] jiazhai commented on pull request #10183: CVE-2021-28165-Jetty", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r90327f55db8f1d079f9a724aabf1f5eb3c00c1de49dc7fd04cad1ebc@%3Ccommits.pulsar.apache.org%3E", }, { name: "[kafka-jira] 20210412 [GitHub] [kafka] dongjinleekr opened a new pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r780c3c210a05c5bf7b4671303f46afc3fe56758e92864e1a5f0590d0@%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210412 [jira] [Assigned] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r0bf3aa065abd23960fc8bdc8090d6bc00d5e391cf94ec4e1f4537ae3@%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210412 [GitHub] [kafka] dongjinleekr commented on pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r077b76cafb61520c14c87c4fc76419ed664002da0ddac5ad851ae7e7@%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210413 [jira] [Resolved] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rd755dfe5f658c42704540ad7950cebd136739089c3231658e398cf38@%3Cjira.kafka.apache.org%3E", }, { name: "[ignite-issues] 20210413 [jira] [Created] (IGNITE-14527) CVE-2021-2816[3,4,5] in Jetty", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r5b3693da7ecb8a75c0e930b4ca26a5f97aa0207d9dae4aa8cc65fe6b@%3Cissues.ignite.apache.org%3E", }, { name: "[kafka-jira] 20210413 [GitHub] [kafka] chia7712 merged pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r6f256a1d15505f79f4050a69bb8f27b34cb353604dd2f765c9da5df7@%3Cjira.kafka.apache.org%3E", }, { name: "[ignite-dev] 20210413 [jira] [Created] (IGNITE-14527) CVE-2021-2816[3,4,5] in Jetty", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rd7c8fb305a8637480dc943ba08424c8992dccad018cd1405eb2afe0e@%3Cdev.ignite.apache.org%3E", }, { name: "[kafka-jira] 20210413 [jira] [Updated] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rc4dbc9907b0bdd634200ac90a15283d9c143c11af66e7ec72128d020@%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-dev] 20210413 [jira] [Resolved] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r694e57d74fcaa48818a03c282aecfa13ae68340c798dfcb55cb7acc7@%3Cdev.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210413 [GitHub] [kafka] chia7712 commented on pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rd9ea411a58925cc82c32e15f541ead23cb25b4b2d57a2bdb0341536e@%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210413 [GitHub] [kafka] edwin092 commented on pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r6b070441871a4e6ce8bb63e190c879bb60da7c5e15023de29ebd4f9f@%3Cjira.kafka.apache.org%3E", }, { name: "[kafka-jira] 20210413 [GitHub] [kafka] dongjinleekr commented on pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r81748d56923882543f5be456043c67daef84d631cf54899082058ef1@%3Cjira.kafka.apache.org%3E", }, { name: "[solr-issues] 20210414 [jira] [Updated] (SOLR-15338) High security vulnerability in Jetty library CVE-2021-28163 (+5) bundled within Solr", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r0841b06b48324cfc81325de3c05a92e53f997185f9d71ff47734d961@%3Cissues.solr.apache.org%3E", }, { name: "[oss-security] 20210420 Vulnerability in Jenkins", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2021/04/20/3", }, { name: "[ignite-issues] 20210426 [jira] [Updated] (IGNITE-14527) CVE-2021-2816[3,4,5] in Jetty", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r6ac9e263129328c0db9940d72b4a6062e703c58918dd34bd22cdf8dd@%3Cissues.ignite.apache.org%3E", }, { name: "[ignite-issues] 20210426 [jira] [Commented] (IGNITE-14527) CVE-2021-2816[3,4,5] in Jetty", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r4a66bfbf62281e31bc1345ebecbfd96f35199eecd77bfe4e903e906f@%3Cissues.ignite.apache.org%3E", }, { name: "[ignite-issues] 20210426 [jira] [Updated] (IGNITE-14527) Upgrade Jetty version to fix CVE-2021-2816[3,4,5] in Jetty", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r4b1fef117bccc7f5fd4c45fd2cabc26838df823fe5ca94bc42a4fd46@%3Cissues.ignite.apache.org%3E", }, { name: "[solr-issues] 20210507 [jira] [Updated] (SOLR-15338) High security vulnerability in Jetty library CVE-2021-28163 (+5) bundled within Solr", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r111f1ce28b133a8090ca4f809a1bdf18a777426fc058dc3a16c39c66@%3Cissues.solr.apache.org%3E", }, { name: "[spark-reviews] 20210517 [GitHub] [spark] jeffreysmooth commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r401b1c592f295b811608010a70792b11c91885b72af9f9410cffbe35@%3Creviews.spark.apache.org%3E", }, { name: "[spark-reviews] 20210517 [GitHub] [spark] dongjoon-hyun commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r64ff94118f6c80e6c085c6e2d51bbb490eaefad0642db8c936e4f0b7@%3Creviews.spark.apache.org%3E", }, { name: "[solr-issues] 20210623 [jira] [Updated] (SOLR-15338) High security vulnerability in Jetty library CVE-2021-28163 (+5) bundled within Solr", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r2ea2f0541121f17e470a0184843720046c59d4bde6d42bf5ca6fad81@%3Cissues.solr.apache.org%3E", }, { name: "[solr-issues] 20210711 [jira] [Created] (SOLR-15529) High security vulnerability in JDOM library bundled within Solr 8.9 CVE-2021-33813", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r9974f64723875052e02787b2a5eda689ac5247c71b827d455e5dc9a6@%3Cissues.solr.apache.org%3E", }, { name: "[solr-issues] 20210711 [jira] [Updated] (SOLR-15529) High security vulnerability in JDOM library bundled within Solr 8.9 CVE-2021-33813", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rbc075a4ac85e7a8e47420b7383f16ffa0af3b792b8423584735f369f@%3Cissues.solr.apache.org%3E", }, { name: "[kafka-jira] 20210715 [jira] [Commented] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r40136c2010fccf4fb2818a965e5d7ecca470e5f525c232ec5b8eb83a@%3Cjira.kafka.apache.org%3E", }, { name: "https://www.oracle.com//security-alerts/cpujul2021.html", refsource: "MISC", url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { name: "https://security.netapp.com/advisory/ntap-20210611-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20210611-0006/", }, { name: "DSA-4949", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4949", }, { name: "[solr-issues] 20210813 [jira] [Resolved] (SOLR-15338) High security vulnerability in Jetty library CVE-2021-28163 (+5) bundled within Solr", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rd0471252aeb3384c3cfa6d131374646d4641b80dd313e7b476c47a9c@%3Cissues.solr.apache.org%3E", }, { name: "https://www.oracle.com/security-alerts/cpuoct2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { name: "https://www.oracle.com/security-alerts/cpujan2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e51fbebd-6053-4e49-959f-1b94eeb69a2c", assignerShortName: "eclipse", cveId: "CVE-2021-28165", datePublished: "2021-04-01T14:20:14", dateReserved: "2021-03-12T00:00:00", dateUpdated: "2024-08-03T21:40:12.085Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-38286
Vulnerability from cvelistv5
Published
2024-11-07 07:37
Modified
2024-11-07 16:36
Severity ?
EPSS score ?
Summary
Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. Older, unsupported versions may also be affected.
Users are recommended to upgrade to version 11.0.0-M21, 10.1.25, or 9.0.90, which fixes the issue.
Apache Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process.
References
▼ | URL | Tags |
---|---|---|
https://lists.apache.org/thread/wms60cvbsz3fpbz9psxtfx8r41jl6d4s | vendor-advisory |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Apache Software Foundation | Apache Tomcat |
Version: 11.0.0-M1 ≤ 11.0.0-M20 Version: 10.1.0-M1 ≤ 10.1.24 Version: 9.0.13 ≤ 9.0.89 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-11-07T08:03:33.093Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "http://www.openwall.com/lists/oss-security/2024/09/23/2", }, { url: "https://security.netapp.com/advisory/ntap-20241101-0010/", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "tomcat", vendor: "apache", versions: [ { lessThanOrEqual: "11.0.0-m20", status: "affected", version: "11.0.0-m1", versionType: "semver", }, { lessThanOrEqual: "10.1.24", status: "affected", version: "10.1.0-m1", versionType: "semver", }, { lessThanOrEqual: "9.0.89", status: "affected", version: "9.0.13", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-38286", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-07T16:33:49.152023Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-07T16:36:00.935Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Apache Tomcat", vendor: "Apache Software Foundation", versions: [ { lessThanOrEqual: "11.0.0-M20", status: "affected", version: "11.0.0-M1", versionType: "semver", }, { lessThanOrEqual: "10.1.24", status: "affected", version: "10.1.0-M1", versionType: "semver", }, { lessThanOrEqual: "9.0.89", status: "affected", version: "9.0.13", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "reporter", value: "Ozaki, North Grid Corporation", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat.</p><p>This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. Older, unsupported versions may also be affected.<br></p><p>Users are recommended to upgrade to version 11.0.0-M21, 10.1.25, or 9.0.90, which fixes the issue.</p><p></p><div>Apache Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process.<br></div><br><p></p>", }, ], value: "Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. Older, unsupported versions may also be affected.\n\n\nUsers are recommended to upgrade to version 11.0.0-M21, 10.1.25, or 9.0.90, which fixes the issue.\n\n\n\nApache Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-770", description: "CWE-770 Allocation of Resources Without Limits or Throttling", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-07T07:37:32.224Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "vendor-advisory", ], url: "https://lists.apache.org/thread/wms60cvbsz3fpbz9psxtfx8r41jl6d4s", }, ], source: { discovery: "EXTERNAL", }, timeline: [ { lang: "en", time: "2024-06-04T06:21:00.000Z", value: "Issue reported to Apache Tomcat Security Team", }, ], title: "Apache Tomcat: Denial of Service", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2024-38286", datePublished: "2024-11-07T07:37:32.224Z", dateReserved: "2024-06-12T16:27:23.740Z", dateUpdated: "2024-11-07T16:36:00.935Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-2953
Vulnerability from cvelistv5
Published
2023-05-30 00:00
Modified
2025-01-10 21:28
Severity ?
EPSS score ?
Summary
A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T06:41:04.071Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://bugs.openldap.org/show_bug.cgi?id=9904", }, { tags: [ "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2023-2953", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230703-0005/", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT213843", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT213844", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT213845", }, { name: "20230725 APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2023/Jul/52", }, { name: "20230725 APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2023/Jul/48", }, { name: "20230725 APPLE-SA-2023-07-24-4 macOS Ventura 13.5", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2023/Jul/47", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-2953", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-10T21:27:47.208145Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-10T21:28:27.261Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "openldap", vendor: "n/a", versions: [ { status: "affected", version: "openldap-2.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-07-25T00:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { url: "https://bugs.openldap.org/show_bug.cgi?id=9904", }, { url: "https://access.redhat.com/security/cve/CVE-2023-2953", }, { url: "https://security.netapp.com/advisory/ntap-20230703-0005/", }, { url: "https://support.apple.com/kb/HT213843", }, { url: "https://support.apple.com/kb/HT213844", }, { url: "https://support.apple.com/kb/HT213845", }, { name: "20230725 APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2023/Jul/52", }, { name: "20230725 APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2023/Jul/48", }, { name: "20230725 APPLE-SA-2023-07-24-4 macOS Ventura 13.5", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2023/Jul/47", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2023-2953", datePublished: "2023-05-30T00:00:00", dateReserved: "2023-05-29T00:00:00", dateUpdated: "2025-01-10T21:28:27.261Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-6387
Vulnerability from cvelistv5
Published
2024-07-01 12:37
Modified
2024-11-24 17:19
Severity ?
EPSS score ?
Summary
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2024:4312 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:4340 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:4389 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:4469 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:4474 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:4479 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:4484 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2024-6387 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2294604 | issue-tracking, x_refsource_REDHAT | |
https://santandersecurityresearch.github.io/blog/sshing_the_masses.html | ||
https://www.openssh.com/txt/release-9.8 | ||
https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt |
Impacted products
Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ |
Version: 8.5p1 < |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-6387", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-07-02T13:18:34.695298Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-02T13:18:46.662Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-19T07:47:51.801Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/01/12", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/01/13", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/02/1", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/03/1", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/03/11", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/03/2", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/03/3", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/03/4", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/03/5", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/04/1", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/04/2", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/08/2", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/08/3", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/09/2", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/09/5", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/10/1", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/10/2", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/10/3", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/10/4", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/10/6", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/11/1", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/11/3", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/23/4", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/23/6", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/28/2", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/28/3", }, { name: "RHSA-2024:4312", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:4312", }, { name: "RHSA-2024:4340", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:4340", }, { name: "RHSA-2024:4389", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:4389", }, { name: "RHSA-2024:4469", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:4469", }, { name: "RHSA-2024:4474", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:4474", }, { name: "RHSA-2024:4479", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:4479", }, { name: "RHSA-2024:4484", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:4484", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2024-6387", }, { tags: [ "x_transferred", ], url: "https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/", }, { tags: [ "x_transferred", ], url: "https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/", }, { tags: [ "x_transferred", ], url: "https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server", }, { name: "RHBZ#2294604", tags: [ "issue-tracking", "x_refsource_REDHAT", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294604", }, { tags: [ "x_transferred", ], url: "https://explore.alas.aws.amazon.com/CVE-2024-6387.html", }, { tags: [ "x_transferred", ], url: "https://forum.vmssoftware.com/viewtopic.php?f=8&t=9132", }, { tags: [ "x_transferred", ], url: "https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc", }, { tags: [ "x_transferred", ], url: "https://github.com/AlmaLinux/updates/issues/629", }, { tags: [ "x_transferred", ], url: "https://github.com/Azure/AKS/issues/4379", }, { tags: [ "x_transferred", ], url: "https://github.com/PowerShell/Win32-OpenSSH/discussions/2248", }, { tags: [ "x_transferred", ], url: "https://github.com/PowerShell/Win32-OpenSSH/issues/2249", }, { tags: [ "x_transferred", ], url: "https://github.com/microsoft/azurelinux/issues/9555", }, { tags: [ "x_transferred", ], url: "https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09", }, { tags: [ "x_transferred", ], url: "https://github.com/oracle/oracle-linux/issues/149", }, { tags: [ "x_transferred", ], url: "https://github.com/rapier1/hpn-ssh/issues/87", }, { tags: [ "x_transferred", ], url: "https://github.com/zgzhang/cve-2024-6387-poc", }, { tags: [ "x_transferred", ], url: "https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/", }, { tags: [ "x_transferred", ], url: "https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html", }, { tags: [ "x_transferred", ], url: "https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html", }, { tags: [ "x_transferred", ], url: "https://news.ycombinator.com/item?id=40843778", }, { tags: [ "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010", }, { tags: [ "x_transferred", ], url: "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html", }, { tags: [ "x_transferred", ], url: "https://security-tracker.debian.org/tracker/CVE-2024-6387", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240701-0001/", }, { tags: [ "x_transferred", ], url: "https://sig-security.rocky.page/issues/CVE-2024-6387/", }, { tags: [ "x_transferred", ], url: "https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/", }, { tags: [ "x_transferred", ], url: "https://ubuntu.com/security/CVE-2024-6387", }, { tags: [ "x_transferred", ], url: "https://ubuntu.com/security/notices/USN-6859-1", }, { tags: [ "x_transferred", ], url: "https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do", }, { tags: [ "x_transferred", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100", }, { tags: [ "x_transferred", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc", }, { tags: [ "x_transferred", ], url: "https://www.openssh.com/txt/release-9.8", }, { tags: [ "x_transferred", ], url: "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt", }, { tags: [ "x_transferred", ], url: "https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html", }, { tags: [ "x_transferred", ], url: "https://www.suse.com/security/cve/CVE-2024-6387.html", }, { tags: [ "x_transferred", ], url: "https://www.theregister.com/2024/07/01/regresshion_openssh/", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT214119", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT214118", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT214120", }, { tags: [ "x_transferred", ], url: "http://seclists.org/fulldisclosure/2024/Jul/20", }, { tags: [ "x_transferred", ], url: "http://seclists.org/fulldisclosure/2024/Jul/18", }, { tags: [ "x_transferred", ], url: "http://seclists.org/fulldisclosure/2024/Jul/19", }, { url: "https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://www.openssh.com/", defaultStatus: "unaffected", packageName: "OpenSSH", repo: "https://anongit.mindrot.org/openssh.git", versions: [ { lessThanOrEqual: "9.7p1", status: "affected", version: "8.5p1", versionType: "custom", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::appstream", ], defaultStatus: "affected", packageName: "openssh", product: "Red Hat Enterprise Linux 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:8.7p1-38.el9_4.1", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::appstream", ], defaultStatus: "affected", packageName: "openssh", product: "Red Hat Enterprise Linux 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:8.7p1-38.el9_4.1", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:rhel_e4s:9.0::appstream", "cpe:/o:redhat:rhel_e4s:9.0::baseos", ], defaultStatus: "affected", packageName: "openssh", product: "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:8.7p1-12.el9_0.1", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:rhel_eus:9.2::appstream", "cpe:/o:redhat:rhel_eus:9.2::baseos", ], defaultStatus: "affected", packageName: "openssh", product: "Red Hat Enterprise Linux 9.2 Extended Update Support", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:8.7p1-30.el9_2.4", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift:4.13::el8", "cpe:/a:redhat:openshift:4.13::el9", ], defaultStatus: "affected", packageName: "rhcos", product: "Red Hat OpenShift Container Platform 4.13", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "413.92.202407091321-0", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift:4.14::el8", "cpe:/a:redhat:openshift:4.14::el9", ], defaultStatus: "affected", packageName: "rhcos", product: "Red Hat OpenShift Container Platform 4.14", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "414.92.202407091253-0", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift:4.15::el8", "cpe:/a:redhat:openshift:4.15::el9", ], defaultStatus: "affected", packageName: "rhcos", product: "Red Hat OpenShift Container Platform 4.15", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "415.92.202407091355-0", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift:4.16::el9", ], defaultStatus: "affected", packageName: "rhcos", product: "Red Hat OpenShift Container Platform 4.16", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "416.94.202407081958-0", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:ceph_storage:5", ], defaultStatus: "unaffected", packageName: "openssh", product: "Red Hat Ceph Storage 5", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:ceph_storage:6", ], defaultStatus: "affected", packageName: "openssh", product: "Red Hat Ceph Storage 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:ceph_storage:7", ], defaultStatus: "affected", packageName: "openssh", product: "Red Hat Ceph Storage 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:6", ], defaultStatus: "unaffected", packageName: "openssh", product: "Red Hat Enterprise Linux 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:7", ], defaultStatus: "unaffected", packageName: "openssh", product: "Red Hat Enterprise Linux 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:8", ], defaultStatus: "unaffected", packageName: "openssh", product: "Red Hat Enterprise Linux 8", vendor: "Red Hat", }, ], credits: [ { lang: "en", value: "Red Hat would like to thank Qualys Threat Research Unit (TRU) (Qualys) for reporting this issue.", }, ], datePublic: "2024-07-01T08:00:00+00:00", descriptions: [ { lang: "en", value: "A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.", }, ], metrics: [ { other: { content: { namespace: "https://access.redhat.com/security/updates/classification/", value: "Important", }, type: "Red Hat severity rating", }, }, { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-364", description: "Signal Handler Race Condition", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-24T17:19:20.471Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2024:4312", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:4312", }, { name: "RHSA-2024:4340", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:4340", }, { name: "RHSA-2024:4389", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:4389", }, { name: "RHSA-2024:4469", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:4469", }, { name: "RHSA-2024:4474", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:4474", }, { name: "RHSA-2024:4479", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:4479", }, { name: "RHSA-2024:4484", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:4484", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", ], url: "https://access.redhat.com/security/cve/CVE-2024-6387", }, { name: "RHBZ#2294604", tags: [ "issue-tracking", "x_refsource_REDHAT", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294604", }, { url: "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html", }, { url: "https://www.openssh.com/txt/release-9.8", }, { url: "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt", }, ], timeline: [ { lang: "en", time: "2024-06-27T00:00:00+00:00", value: "Reported to Red Hat.", }, { lang: "en", time: "2024-07-01T08:00:00+00:00", value: "Made public.", }, ], title: "Openssh: regresshion - race condition in ssh allows rce/dos", workarounds: [ { lang: "en", value: "The below process can protect against a Remote Code Execution attack by disabling the LoginGraceTime parameter on Red Hat Enterprise Linux 9. However, the sshd server is still vulnerable to a Denial of Service if an attacker exhausts all the connections.\n\n1) As root user, open the /etc/ssh/sshd_config\n2) Add or edit the parameter configuration:\n~~~\nLoginGraceTime 0\n~~~\n3) Save and close the file\n4) Restart the sshd daemon:\n~~~\nsystemctl restart sshd.service\n~~~\n\nSetting LoginGraceTime to 0 disables the SSHD server's ability to drop connections if authentication is not completed within the specified timeout. If this mitigation is implemented, it is highly recommended to use a tool like 'fail2ban' alongside a firewall to monitor log files and manage connections appropriately.\n\nIf any of the mitigations mentioned above is used, please note that the removal of LoginGraceTime parameter from sshd_config is not automatic when the updated package is installed.", }, ], x_redhatCweChain: "CWE-364: Signal Handler Race Condition", }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2024-6387", datePublished: "2024-07-01T12:37:25.431Z", dateReserved: "2024-06-27T13:41:03.421Z", dateUpdated: "2024-11-24T17:19:20.471Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2021-01-26 21:15
Modified
2025-02-03 17:15
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
References
Impacted products
{ cisaActionDue: "2022-04-27", cisaExploitAdd: "2022-04-06", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Sudo Heap-Based Buffer Overflow Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*", matchCriteriaId: "ED707F57-531B-4066-AFF0-7239F87B6BF5", versionEndExcluding: "1.8.32", versionStartIncluding: "1.8.2", vulnerable: true, }, { criteria: "cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*", matchCriteriaId: "38FC37F7-DE89-4078-BB55-EBFBF3A2D780", versionEndExcluding: "1.9.5", versionStartIncluding: "1.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:sudo_project:sudo:1.9.5:-:*:*:*:*:*:*", matchCriteriaId: "436F3F62-FBA8-44CB-A5A9-AA4D7E0F9A09", vulnerable: true, }, { criteria: "cpe:2.3:a:sudo_project:sudo:1.9.5:patch1:*:*:*:*:*:*", matchCriteriaId: "3C21138F-EB70-4AAE-9F45-C75CCE59BA89", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*", matchCriteriaId: "A3C19813-E823-456A-B1CE-EC0684CE1953", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*", matchCriteriaId: "0A4D418D-B526-46B9-B439-E1963BF88C0A", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "C2D814BE-93EC-42EF-88C5-EA7E7DF07BE5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", matchCriteriaId: "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:web_gateway:8.2.17:*:*:*:*:*:*:*", matchCriteriaId: "D2039589-B543-49B6-AC5F-74C4253B416D", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:web_gateway:9.2.8:*:*:*:*:*:*:*", matchCriteriaId: "1E014E1E-0013-434F-9C59-178DAC089687", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:web_gateway:10.0.4:*:*:*:*:*:*:*", matchCriteriaId: "3CE836FD-3453-4277-BC18-A4868C183F42", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:synology:diskstation_manager_unified_controller:3.0:*:*:*:*:*:*:*", matchCriteriaId: "DA272C48-259B-4402-BB75-552B6983CD43", vulnerable: true, }, { criteria: "cpe:2.3:o:synology:diskstation_manager:6.2:*:*:*:*:*:*:*", matchCriteriaId: "D9685B12-824F-42AD-B87C-6E7A78BB7FA5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:synology:skynas_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "53EF087B-D7E9-4F9A-803A-B0260C495C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:synology:skynas:-:*:*:*:*:*:*:*", matchCriteriaId: "D0A88A76-CF8A-4D29-B480-E5317219072D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3D0C5120-B961-440F-B454-584BC54B549C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*", matchCriteriaId: "1CCBDFF9-AF42-4681-879B-CF789EBAD130", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:beyondtrust:privilege_management_for_mac:*:*:*:*:*:*:*:*", matchCriteriaId: "38A18800-4BB0-46A1-BD9D-78EC7A07E7B9", versionEndExcluding: "21.1.1", vulnerable: true, }, { criteria: "cpe:2.3:a:beyondtrust:privilege_management_for_unix\\/linux:*:*:*:*:basic:*:*:*", matchCriteriaId: "48DC5B58-0E31-480E-BF05-787287DFF42B", versionEndExcluding: "10.3.2-10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:micros_compact_workstation_3_firmware:310:*:*:*:*:*:*:*", matchCriteriaId: "1CE3FF32-E472-4E90-9DE5-803AD6FD9E27", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:oracle:micros_compact_workstation_3:-:*:*:*:*:*:*:*", matchCriteriaId: "7DA4F0AD-B8A4-4EB9-A220-FEEC9B147D3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:micros_es400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9AA5297B-05DF-4A23-B684-60F2107339B0", versionEndIncluding: "410", versionStartIncluding: "400", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:oracle:micros_es400:-:*:*:*:*:*:*:*", matchCriteriaId: "A2BBD07A-4731-41D1-AB66-77082951D99C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:micros_kitchen_display_system_firmware:210:*:*:*:*:*:*:*", matchCriteriaId: "57E6A365-F04F-4991-888F-D8E9391A9857", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:oracle:micros_kitchen_display_system:-:*:*:*:*:*:*:*", matchCriteriaId: "D1424AF8-9337-427B-B6FA-C5EB8B201FB7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:micros_workstation_5a_firmware:5a:*:*:*:*:*:*:*", matchCriteriaId: "C78FDD3A-F241-4172-8725-7D51D8E705E7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:oracle:micros_workstation_5a:-:*:*:*:*:*:*:*", matchCriteriaId: "F607BA3F-246F-42BE-9EBD-A2CAE098C0C2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:micros_workstation_6_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D59535D6-8D64-4B8F-BC1B-5846600C9F81", versionEndIncluding: "655", versionStartIncluding: "610", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:oracle:micros_workstation_6:-:*:*:*:*:*:*:*", matchCriteriaId: "82A66154-5DF0-43FF-9F70-1221D3E6F919", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*", matchCriteriaId: "977CA754-6CE0-4FCB-9683-D81B7A15449D", versionEndIncluding: "10.3.0.2.1", versionStartIncluding: "10.3.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*", matchCriteriaId: "29A3F7EF-2A69-427F-9F75-DDDBEE34BA2B", versionEndIncluding: "10.4.0.3.1", versionStartIncluding: "10.4.0.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*", matchCriteriaId: "26F05F85-7458-4C8F-B93F-93C92E506A40", versionEndIncluding: "7.7.1", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via \"sudoedit -s\" and a command-line argument that ends with a single backslash character.", }, { lang: "es", value: "Sudo versiones anteriores a 1.9.5p2 contiene un error de desbordamiento que puede resultar en un desbordamiento de búfer basado en la pila, lo que permite la escalada de privilegios a root a través de \"sudoedit -s\" y un argumento de línea de comandos que termina con un solo carácter de barra invertida", }, ], id: "CVE-2021-3156", lastModified: "2025-02-03T17:15:12.143", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2021-01-26T21:15:12.987", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/Feb/42", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/Jan/79", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2024/Feb/3", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/01/26/3", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/01/27/1", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/01/27/2", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/02/15/1", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/09/14/2", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2024/01/30/6", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2024/01/30/8", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10348", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202101-33", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210128-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210128-0002/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT212177", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4839", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/794544", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2021/01/26/3", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.sudo.ws/stable.html#1.9.5p2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.synology.com/security/advisory/Synology_SA_21_02", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.vicarius.io/vsociety/posts/sudoedit-pwned-cve-2021-3156", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/Feb/42", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/Jan/79", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2024/Feb/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/01/26/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/01/27/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/01/27/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/02/15/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/09/14/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2024/01/30/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2024/01/30/8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10348", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202101-33", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210128-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210128-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT212177", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4839", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/794544", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2021/01/26/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.sudo.ws/stable.html#1.9.5p2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.synology.com/security/advisory/Synology_SA_21_02", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-193", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-193", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-07-05 19:15
Modified
2025-02-15 00:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.5.30 and prior to 2024.7.4 recognized root certificates from `GLOBALTRUST`. Certifi 2024.7.04 removes root certificates from `GLOBALTRUST` from the root store. These are in the process of being removed from Mozilla's trust store. `GLOBALTRUST`'s root certificates are being removed pursuant to an investigation which identified "long-running and unresolved compliance issues."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
certifi | certifi | * | |
netapp | management_services_for_element_software_and_netapp_hci | - | |
netapp | ontap_select_deploy_administration_utility | - | |
netapp | ontap_tools | 10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:certifi:certifi:*:*:*:*:*:python:*:*", matchCriteriaId: "BCBAE7B1-6D3F-435F-9917-28DE8A8DA0B1", versionEndExcluding: "2024.7.4", versionStartIncluding: "2021.5.30", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "FDAC85F0-93AF-4BE3-AE1A-8ADAF1CDF9AB", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_tools:10:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "5333B745-F7A3-46CB-8437-8668DB08CD6F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.5.30 and prior to 2024.7.4 recognized root certificates from `GLOBALTRUST`. Certifi 2024.7.04 removes root certificates from `GLOBALTRUST` from the root store. These are in the process of being removed from Mozilla's trust store. `GLOBALTRUST`'s root certificates are being removed pursuant to an investigation which identified \"long-running and unresolved compliance issues.\"", }, { lang: "es", value: " Certifi es una colección seleccionada de certificados raíz para validar la confiabilidad de los certificados SSL mientras se verifica la identidad de los hosts TLS. Certifi a partir de 2021.05.30 y antes de 2024.07.4 reconoció los certificados raíz de `GLOBALTRUST`. Certifi 2024.07.04 elimina los certificados raíz de `GLOBALTRUST` del almacén raíz. Estos están en proceso de ser eliminados del almacén de confianza de Mozilla. Los certificados raíz de \"GLOBALTRUST\" se están eliminando tras una investigación que identificó \"problemas de cumplimiento de larga duración y no resueltos\".", }, ], id: "CVE-2024-39689", lastModified: "2025-02-15T00:15:13.183", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-07-05T19:15:10.247", references: [ { source: "security-advisories@github.com", tags: [ "Patch", ], url: "https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463", }, { source: "security-advisories@github.com", tags: [ "Vendor Advisory", ], url: "https://github.com/certifi/python-certifi/security/advisories/GHSA-248v-346w-9cwc", }, { source: "security-advisories@github.com", tags: [ "Mailing List", ], url: "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/XpknYMPO8dI", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/certifi/python-certifi/security/advisories/GHSA-248v-346w-9cwc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/XpknYMPO8dI", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20241206-0001/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-345", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-345", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-30 22:15
Modified
2025-01-10 22:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
openldap | openldap | 2.4 | |
redhat | enterprise_linux | 8.0 | |
redhat | enterprise_linux | 9.0 | |
apple | macos | * | |
apple | macos | * | |
apple | macos | * | |
netapp | active_iq_unified_manager | - | |
netapp | clustered_data_ontap | - | |
netapp | ontap_tools | - | |
netapp | h300s_firmware | - | |
netapp | h300s | - | |
netapp | h500s_firmware | - | |
netapp | h500s | - | |
netapp | h700s_firmware | - | |
netapp | h700s | - | |
netapp | h410s_firmware | - | |
netapp | h410s | - | |
netapp | h410c_firmware | - | |
netapp | h410c | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openldap:openldap:2.4:*:*:*:*:*:*:*", matchCriteriaId: "AF7B8F72-1490-482D-80EB-D08637F2E037", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "7F6FB57C-2BC7-487C-96DD-132683AEB35D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", matchCriteriaId: "FB5312D6-AEEA-4548-B3EF-B07B46168475", versionEndExcluding: "11.7.9", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", matchCriteriaId: "5B763A1F-C183-4728-B593-67558FD9FC36", versionEndExcluding: "12.6.8", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", matchCriteriaId: "3D701507-146E-4E5B-8C32-60E797E46627", versionEndExcluding: "13.5", versionStartIncluding: "13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", matchCriteriaId: "1FE996B1-6951-4F85-AA58-B99A379D2163", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_tools:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "CBCC384C-5DF0-41AB-B17B-6E9B6CAE8065", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6770B6C3-732E-4E22-BF1C-2D2FD610061C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", matchCriteriaId: "9F9C8C20-42EB-4AB5-BD97-212DEB070C43", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFF7106-ED78-49BA-9EC5-B889E3685D53", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", matchCriteriaId: "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "56409CEC-5A1E-4450-AA42-641E459CC2AF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", matchCriteriaId: "B06F4839-D16A-4A61-9BB5-55B13F41E47F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D0B4AD8A-F172-4558-AEC6-FF424BA2D912", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", matchCriteriaId: "8497A4C9-8474-4A62-8331-3FE862ED4098", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", matchCriteriaId: "CDDF61B7-EC5C-467C-B710-B89F502CD04F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", }, ], id: "CVE-2023-2953", lastModified: "2025-01-10T22:15:23.557", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-05-30T22:15:10.613", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", ], url: "http://seclists.org/fulldisclosure/2023/Jul/47", }, { source: "secalert@redhat.com", tags: [ "Mailing List", ], url: "http://seclists.org/fulldisclosure/2023/Jul/48", }, { source: "secalert@redhat.com", tags: [ "Mailing List", ], url: "http://seclists.org/fulldisclosure/2023/Jul/52", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2023-2953", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugs.openldap.org/show_bug.cgi?id=9904", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20230703-0005/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213843", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213844", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213845", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://seclists.org/fulldisclosure/2023/Jul/47", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://seclists.org/fulldisclosure/2023/Jul/48", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://seclists.org/fulldisclosure/2023/Jul/52", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2023-2953", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugs.openldap.org/show_bug.cgi?id=9904", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20230703-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213843", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213844", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213845", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-10 10:15
Modified
2025-02-04 15:15
Severity ?
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
References
Impacted products
{ cisaActionDue: "2021-12-24", cisaExploitAdd: "2021-12-10", cisaRequiredAction: "For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.", cisaVulnerabilityName: "Apache Log4j2 Remote Code Execution Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", matchCriteriaId: "03FA5E81-F9C0-403E-8A4B-E4284E4E7B72", versionEndExcluding: "2.3.1", versionStartIncluding: "2.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", matchCriteriaId: "AED3D5EC-DAD5-4E5F-8BBD-B4E3349D84FC", versionEndExcluding: "2.12.2", versionStartIncluding: "2.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", matchCriteriaId: "D31D423D-FC4D-428A-B863-55AF472B80DC", versionEndExcluding: "2.15.0", versionStartIncluding: "2.13.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*", matchCriteriaId: "17854E42-7063-4A55-BF2A-4C7074CC2D60", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:*", matchCriteriaId: "53F32FB2-6970-4975-8BD0-EAE12E9AD03A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:*", matchCriteriaId: "B773ED91-1D39-42E6-9C52-D02210DE1A94", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:*", matchCriteriaId: "EF24312D-1A62-482E-8078-7EC24758B710", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sppa-t3000_ses3000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E8320869-CBF4-4C92-885C-560C09855BFA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sppa-t3000_ses3000:-:*:*:*:*:*:*:*", matchCriteriaId: "755BA221-33DD-40A2-A517-8574D042C261", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:captial:*:*:*:*:*:*:*:*", matchCriteriaId: "07856DAA-EDB4-4522-BA16-CD302C9E39EF", versionEndExcluding: "2019.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:captial:2019.1:-:*:*:*:*:*:*", matchCriteriaId: "F7AD819D-D093-472E-AA47-1A925111E4C8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:captial:2019.1:sp1912:*:*:*:*:*:*", matchCriteriaId: "2D07A11A-A3C6-4D44-B2E0-A8358D23947A", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:comos:*:*:*:*:*:*:*:*", matchCriteriaId: "61597661-A3B0-4A14-AA6B-C911E0063390", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.0:*:*:*:*:*:*:*", matchCriteriaId: "BB524B33-68E7-46A2-B5CE-BCD9C3194B8B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.1:*:*:*:*:*:*:*", matchCriteriaId: "5F852C6D-44A0-4CCE-83C7-4501CAD73F9F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.2:*:*:*:*:*:*:*", matchCriteriaId: "AA61161C-C2E7-4852-963E-E2D3DFBFDC7B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.0:*:*:*:*:*:*:*", matchCriteriaId: "A76AA04A-BB43-4027-895E-D1EACFCDF41B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.1:*:*:*:*:*:*:*", matchCriteriaId: "2A6B60F3-327B-49B7-B5E4-F1C60896C9BB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_info_center:5.0:*:*:*:*:*:*:*", matchCriteriaId: "4BCF281E-B0A2-49E2-AEF8-8691BDCE08D5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:desigo_cc_info_center:5.1:*:*:*:*:*:*:*", matchCriteriaId: "A87EFCC4-4BC1-4FEA-BAA4-8FF221838EBD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:e-car_operation_center:*:*:*:*:*:*:*:*", matchCriteriaId: "B678380B-E95E-4A8B-A49D-D13B62AA454E", versionEndExcluding: "2021-12-13", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:energy_engage:3.1:*:*:*:*:*:*:*", matchCriteriaId: "4557476B-0157-44C2-BB50-299E7C7E1E72", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:energyip:8.5:*:*:*:*:*:*:*", matchCriteriaId: "991B2959-5AA3-4B68-A05A-42D9860FAA9D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:energyip:8.6:*:*:*:*:*:*:*", matchCriteriaId: "7E5948A0-CA31-41DF-85B6-1E6D09E5720B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:energyip:8.7:*:*:*:*:*:*:*", matchCriteriaId: "4C08D302-EEAC-45AA-9943-3A5F09E29FAB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:energyip:9.0:*:*:*:*:*:*:*", matchCriteriaId: "D53BA68C-B653-4507-9A2F-177CF456960F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:energyip_prepay:3.7:*:*:*:*:*:*:*", matchCriteriaId: "1F0C3D5E-579F-42C6-9D8C-37969A1D17D2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:energyip_prepay:3.8:*:*:*:*:*:*:*", matchCriteriaId: "2C16C460-9482-4A22-92AC-1AE0E87D7F28", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:gma-manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0E180527-5C36-4158-B017-5BEDC0412FD6", versionEndExcluding: "8.6.2j-398", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:head-end_system_universal_device_integration_system:*:*:*:*:*:*:*:*", matchCriteriaId: "AFDADA98-1CD0-45DA-9082-BFC383F7DB97", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:industrial_edge_management:*:*:*:*:*:*:*:*", matchCriteriaId: "E33D707F-100E-4DE7-A05B-42467DE75EAC", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:industrial_edge_management_hub:*:*:*:*:*:*:*:*", matchCriteriaId: "DD3EAC80-44BE-41D2-8D57-0EE3DBA1E1B1", versionEndExcluding: "2021-12-13", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:logo\\!_soft_comfort:*:*:*:*:*:*:*:*", matchCriteriaId: "2AC8AB52-F4F4-440D-84F5-2776BFE1957A", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:*", matchCriteriaId: "6AF6D774-AC8C-49CA-A00B-A2740CA8FA91", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:mindsphere:*:*:*:*:*:*:*:*", matchCriteriaId: "6423B1A7-F09F-421A-A0AC-3059CB89B110", versionEndExcluding: "2021-12-11", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:navigator:*:*:*:*:*:*:*:*", matchCriteriaId: "48C6A61B-2198-4B9E-8BCF-824643C81EC3", versionEndExcluding: "2021-12-13", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:nx:*:*:*:*:*:*:*:*", matchCriteriaId: "BEE2F7A1-8281-48F1-8BFB-4FE0D7E1AEF4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*", matchCriteriaId: "C74B9880-FFF9-48CA-974F-54FB80F30D2D", versionEndIncluding: "3.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:operation_scheduler:*:*:*:*:*:*:*:*", matchCriteriaId: "74D1F4AD-9A60-4432-864F-4505B3C60659", versionEndIncluding: "1.1.3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sentron_powermanager:4.1:*:*:*:*:*:*:*", matchCriteriaId: "7ABA5332-8D1E-4129-A557-FCECBAC12827", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sentron_powermanager:4.2:*:*:*:*:*:*:*", matchCriteriaId: "9C3AA865-5570-4C8B-99DE-431AD7B163F1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siguard_dsa:4.2:*:*:*:*:*:*:*", matchCriteriaId: "00E03FB6-37F9-4559-8C86-F203D6782920", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siguard_dsa:4.3:*:*:*:*:*:*:*", matchCriteriaId: "90439591-BA01-4007-A2B6-B316548D4595", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siguard_dsa:4.4:*:*:*:*:*:*:*", matchCriteriaId: "E1F3B8B4-4D1B-4913-BD5F-1A04B47F829A", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sipass_integrated:2.80:*:*:*:*:*:*:*", matchCriteriaId: "83E77D85-0AE8-41D6-AC0C-983A8B73C831", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sipass_integrated:2.85:*:*:*:*:*:*:*", matchCriteriaId: "02B28A44-3708-480D-9D6D-DDF8C21A15EC", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siveillance_command:*:*:*:*:*:*:*:*", matchCriteriaId: "2FC0A575-F771-4B44-A0C6-6A5FD98E5134", versionEndIncluding: "4.16.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siveillance_control_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "6D1D6B61-1F17-4008-9DFB-EF419777768E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siveillance_identity:1.5:*:*:*:*:*:*:*", matchCriteriaId: "9772EE3F-FFC5-4611-AD9A-8AD8304291BB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siveillance_identity:1.6:*:*:*:*:*:*:*", matchCriteriaId: "CF524892-278F-4373-A8A3-02A30FA1AFF4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siveillance_vantage:*:*:*:*:*:*:*:*", matchCriteriaId: "F30DE588-9479-46AA-8346-EA433EE83A5F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:siveillance_viewpoint:*:*:*:*:*:*:*:*", matchCriteriaId: "4941EAD6-8759-4C72-ABA6-259C0E838216", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:solid_edge_cam_pro:*:*:*:*:*:*:*:*", matchCriteriaId: "5BF2708F-0BD9-41BF-8CB1-4D06C4EFB777", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:solid_edge_harness_design:*:*:*:*:*:*:*:*", matchCriteriaId: "0762031C-DFF1-4962-AE05-0778B27324B9", versionEndExcluding: "2020", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:solid_edge_harness_design:2020:*:*:*:*:*:*:*", matchCriteriaId: "96271088-1D1B-4378-8ABF-11DAB3BB4DDC", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:solid_edge_harness_design:2020:-:*:*:*:*:*:*", matchCriteriaId: "2595AD24-2DF2-4080-B780-BC03F810B9A9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:solid_edge_harness_design:2020:sp2002:*:*:*:*:*:*", matchCriteriaId: "88096F08-F261-4E3E-9EEB-2AB0225CD6F3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_4:*:*:*:*:*:*:*:*", matchCriteriaId: "044994F7-8127-4F03-AA1A-B2AB41D68AF5", versionEndExcluding: "4.70", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_4:4.70:-:*:*:*:*:*:*", matchCriteriaId: "A6CB3A8D-9577-41FB-8AC4-0DF8DE6A519C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_4:4.70:sp7:*:*:*:*:*:*", matchCriteriaId: "17B7C211-6339-4AF2-9564-94C7DE52EEB7", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_4:4.70:sp8:*:*:*:*:*:*", matchCriteriaId: "DBCCBBBA-9A4F-4354-91EE-10A1460BBA3F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_7:*:*:*:*:*:*:*:*", matchCriteriaId: "12F81F6B-E455-4367-ADA4-8A5EC7F4754A", versionEndExcluding: "2.30", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_7:2.30:*:*:*:*:*:*:*", matchCriteriaId: "A5EF509E-3799-4718-B361-EFCBA17AEEF3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_7:2.30:-:*:*:*:*:*:*", matchCriteriaId: "8CA31645-29FC-4432-9BFC-C98A808DB8CF", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:spectrum_power_7:2.30:sp2:*:*:*:*:*:*", matchCriteriaId: "BB424991-0B18-4FFC-965F-FCF4275F56C5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:teamcenter:*:*:*:*:*:*:*:*", matchCriteriaId: "1B209EFE-77F2-48CD-A880-ABA0A0A81AB1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:vesys:*:*:*:*:*:*:*:*", matchCriteriaId: "72D238AB-4A1F-458D-897E-2C93DCD7BA6C", versionEndExcluding: "2019.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:vesys:2019.1:*:*:*:*:*:*:*", matchCriteriaId: "9778339A-EA93-4D18-9A03-4EB4CBD25459", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:vesys:2019.1:-:*:*:*:*:*:*", matchCriteriaId: "1747F127-AB45-4325-B9A1-F3D12E69FFC8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:vesys:2019.1:sp1912:*:*:*:*:*:*", matchCriteriaId: "18BBEF7C-F686-4129-8EE9-0F285CE38845", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:xpedition_enterprise:-:*:*:*:*:*:*:*", matchCriteriaId: "AD525494-2807-48EA-AED0-11B9CB5A6A9B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:xpedition_package_integrator:-:*:*:*:*:*:*:*", matchCriteriaId: "1EDCBF98-A857-48BC-B04D-6F36A1975AA5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:audio_development_kit:-:*:*:*:*:*:*:*", matchCriteriaId: "099344DD-8AEE-49A0-88A8-691A8A1E651F", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:computer_vision_annotation_tool:-:*:*:*:*:*:*:*", matchCriteriaId: "12A06BF8-E4DC-4389-8A91-8AC7598E0009", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:data_center_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8555F365-2BFD-4A0A-A7D0-1459241758B3", versionEndExcluding: "5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:genomics_kernel_library:-:*:*:*:*:*:*:*", matchCriteriaId: "18989EBC-E1FB-473B-83E0-48C8896C2E96", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_sample_browser:-:*:*:*:*:eclipse:*:*", matchCriteriaId: "EDE66B6C-25E5-49AE-B35F-582130502222", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:secure_device_onboard:-:*:*:*:*:*:*:*", matchCriteriaId: "22BEE177-D117-478C-8EAD-9606DEDF9FD5", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:sensor_solution_firmware_development_kit:-:*:*:*:*:*:*:*", matchCriteriaId: "F021E2E7-0D8F-4336-82A6-77E521347C4F", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:system_debugger:-:*:*:*:*:*:*:*", matchCriteriaId: "1F66B0A2-22C0-41D5-B866-1764DEC12CB2", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:system_studio:-:*:*:*:*:*:*:*", matchCriteriaId: "FC619106-991C-413A-809D-C2410EBA4CDB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*", matchCriteriaId: "B5BAA8A5-74B3-48EB-8287-302927197A4E", versionEndExcluding: "10.0.12", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*", matchCriteriaId: "F3E0B672-3E06-4422-B2A4-0BD073AEC2A1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", matchCriteriaId: "B55E8D50-99B4-47EC-86F9-699B67D473CE", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:cloud_insights:-:*:*:*:*:*:*:*", matchCriteriaId: "26FCA75B-4282-4E0F-95B4-640A82C8E91C", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:cloud_manager:-:*:*:*:*:*:*:*", matchCriteriaId: "197D0D80-6702-4B61-B681-AFDBA7D69067", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*", matchCriteriaId: "F0F202E8-97E6-4BBB-A0B6-4CA3F5803C08", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", matchCriteriaId: "F1BE6C1F-2565-4E97-92AA-16563E5660A5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_tools:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "CBCC384C-5DF0-41AB-B17B-6E9B6CAE8065", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "F3A48D58-4291-4D3C-9CEA-BF12183468A7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:advanced_malware_protection_virtual_private_cloud_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "4E52AF19-0158-451B-8E36-02CB6406083F", versionEndExcluding: "3.5.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:automated_subsea_tuning:*:*:*:*:*:*:*:*", matchCriteriaId: "CB21CFB4-4492-4C5D-BD07-FFBE8B5D92B6", versionEndExcluding: "2.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:broadworks:*:*:*:*:*:*:*:*", matchCriteriaId: "97426511-9B48-46F5-AC5C-F9781F1BAE2F", versionEndExcluding: "2021.11_1.162", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*", matchCriteriaId: "82306B9F-AE97-4E29-A8F7-2E5BA52998A7", versionEndExcluding: "3.0.000.115", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*", matchCriteriaId: "4C903C85-DC0F-47D8-B8BE-7A666877B017", versionEndExcluding: "3.1.000.044", versionStartIncluding: "3.1.000.000", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*", matchCriteriaId: "E4C6F9E0-5DCE-431D-AE7E-B680AC1F9332", versionEndExcluding: "3.2.000.009", versionStartIncluding: "3.2.000.000", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloud_connect:*:*:*:*:*:*:*:*", matchCriteriaId: "52CF6199-8028-4076-952B-855984F30129", versionEndExcluding: "12.6\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter:*:*:*:*:*:*:*:*", matchCriteriaId: "622BB8D9-AC81-4C0F-A5C5-C5E51F0BC0D1", versionEndExcluding: "4.10.0.16", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_cost_optimizer:*:*:*:*:*:*:*:*", matchCriteriaId: "38FB3CE1-5F62-4798-A825-4E3DB07E868F", versionEndExcluding: "5.5.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_suite_admin:*:*:*:*:*:*:*:*", matchCriteriaId: "29CDB878-B085-448E-AB84-25B1E2D024F8", versionEndExcluding: "5.3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_workload_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C25FDA96-9490-431F-B8B6-CC2CC272670E", versionEndExcluding: "5.5.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:*:*:*:*:*:*:*:*", matchCriteriaId: "51CD9E4C-9385-435C-AD18-6C36C8DF7B65", versionEndExcluding: "2.9.1.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:*:*:*:*:*:*:*:*", matchCriteriaId: "FC0AC4C1-CB06-4084-BFBB-5B702C384C53", versionEndExcluding: "2.10.0.1", versionStartIncluding: "2.10.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_mobile_experiences:-:*:*:*:*:*:*:*", matchCriteriaId: "3871EBD2-F270-435A-B98C-A282E1C52693", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:contact_center_domain_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8D4DF34B-E8C2-41C8-90E2-D119B50E4E7E", versionEndExcluding: "12.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:contact_center_management_portal:*:*:*:*:*:*:*:*", matchCriteriaId: "C8EF64DA-73E4-4E5E-8F9A-B837C947722E", versionEndExcluding: "12.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "66E1E4FC-0B6E-4CFA-B003-91912F8785B2", versionEndExcluding: "2.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_data_gateway:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "1B2390C3-C319-4F05-8CF0-0D30F9931507", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "C154491E-06C7-48B0-AC1D-89BBDBDB902E", versionEndExcluding: "2.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_controller:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "1E98EC48-0CED-4E02-9CCB-06EF751F2BDC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_optimization_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "C569DC2A-CFF6-4E13-A50C-E215A4F96D99", versionEndExcluding: "2.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_optimization_engine:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "258A51AC-6649-4F67-A842-48A7AE4DCEE1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_platform_infrastructure:*:*:*:*:*:*:*:*", matchCriteriaId: "8DC22505-DE11-4A1B-8C06-1E306419B031", versionEndExcluding: "4.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_platform_infrastructure:4.1.0:*:*:*:*:*:*:*", matchCriteriaId: "9E31AC54-B928-48B5-8293-F5F4A7A8C293", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*", matchCriteriaId: "5B8AE870-6FD0-40D2-958B-548E2D7A7B75", versionEndExcluding: "2.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "68E7D83B-B6AC-45B1-89A4-D18D7A6018DD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:customer_experience_cloud_agent:*:*:*:*:*:*:*:*", matchCriteriaId: "17660B09-47AA-42A2-B5FF-8EBD8091C661", versionEndExcluding: "1.12.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cyber_vision_sensor_management_extension:*:*:*:*:*:*:*:*", matchCriteriaId: "FBEF9A82-16AE-437A-B8CF-CC7E9B6C4E44", versionEndExcluding: "4.0.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:data_center_network_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "843147AE-8117-4FE9-AE74-4E1646D55642", versionEndExcluding: "11.3\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:data_center_network_manager:11.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7EB871C9-CA14-4829-AED3-CC2B35E99E92", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*", matchCriteriaId: "4FF8A83D-A282-4661-B133-213A8838FB27", versionEndExcluding: "2.1.2.8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*", matchCriteriaId: "139CDAA5-63E9-4E56-AF72-745BD88E4B49", versionEndExcluding: "2.2.2.8", versionStartIncluding: "2.2.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*", matchCriteriaId: "01FD99C4-BCB1-417E-ADCE-73314AD2E857", versionEndExcluding: "2.2.3.4", versionStartIncluding: "2.2.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_spaces\\:_connector:*:*:*:*:*:*:*:*", matchCriteriaId: "9031BE8A-646A-4581-BDE5-750FB0CE04CB", versionEndExcluding: "2.5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:emergency_responder:*:*:*:*:*:*:*:*", matchCriteriaId: "15BED3E2-46FF-4E58-8C5D-4D8FE5B0E527", versionEndExcluding: "11.5\\(4\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:enterprise_chat_and_email:*:*:*:*:*:*:*:*", matchCriteriaId: "7C950436-2372-4C4B-9B56-9CB48D843045", versionEndExcluding: "12.0\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0B61F186-D943-4711-B3E0-875BB570B142", versionEndIncluding: "4.1.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:*:*:*:*:*:*:*:*", matchCriteriaId: "2A285C40-170D-4C95-8031-2C6E4D5FB1D4", versionEndExcluding: "12.6\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "3C0F02B5-AA2A-48B2-AE43-38B45532C563", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:fog_director:-:*:*:*:*:*:*:*", matchCriteriaId: "830BDB28-963F-46C3-8D50-638FDABE7F64", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "54553C65-6BFA-40B1-958D-A4E3289D6B1D", versionEndExcluding: "2.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:2.4.0:-:*:*:*:*:*:*", matchCriteriaId: "439948AD-C95D-4FC3-ADD1-C3D241529F12", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*", matchCriteriaId: "9C2002AE-0F3C-4A06-9B9A-F77A9F700EB2", versionEndExcluding: "2.3.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:intersight_virtual_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "596A986D-E7DC-4FC4-A776-6FE87A91D7E4", versionEndExcluding: "1.0.9-361", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:iot_operations_dashboard:-:*:*:*:*:*:*:*", matchCriteriaId: "DD93434E-8E75-469C-B12B-7E2B6EDCAA79", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_assurance_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "78684844-4974-41AD-BBC1-961F60025CD2", versionEndExcluding: "6.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "3A00D235-FC9C-4EB7-A16C-BB0B09802E61", versionEndExcluding: "5.3.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "C60FDD1B-898E-4FCB-BDE2-45A7CBDBAF4F", versionEndExcluding: "5.4.5.2", versionStartIncluding: "5.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "E7A33E5F-BBC7-4917-9C63-900248B546D9", versionEndExcluding: "5.5.4.1", versionStartIncluding: "5.5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "12D98A7C-4992-4E58-A6BD-3D8173C8F2B0", versionEndExcluding: "5.6.3.1", versionStartIncluding: "5.6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:nexus_dashboard:*:*:*:*:*:*:*:*", matchCriteriaId: "E2DDC1AF-31B5-4F05-B84F-8FD23BE163DA", versionEndExcluding: "2.1.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:nexus_insights:*:*:*:*:*:*:*:*", matchCriteriaId: "A4540CF6-D33E-4D33-8608-11129D6591FA", versionEndExcluding: "6.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:optical_network_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "129A7615-99E7-41F8-8EBC-CEDA10AD89AD", versionEndExcluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:packaged_contact_center_enterprise:*:*:*:*:*:*:*:*", matchCriteriaId: "5F46A7AC-C133-442D-984B-BA278951D0BF", versionEndExcluding: "11.6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:packaged_contact_center_enterprise:11.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "A1A75AB6-C3A7-4299-B35A-46A4BCD00816", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:*:*:*:*:*:*:*:*", matchCriteriaId: "0A73E888-C8C2-4AFD-BA60-566D45214BCA", versionEndExcluding: "14.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:prime_service_catalog:*:*:*:*:*:*:*:*", matchCriteriaId: "4B0D0FD0-ABC6-465F-AB8D-FA8788B1B2DD", versionEndExcluding: "12.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", matchCriteriaId: "D673F6F7-C42A-4538-96F0-34CB4F0CB080", versionEndExcluding: "20.3.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", matchCriteriaId: "FD374819-3CED-4260-90B6-E3C1333EAAD2", versionEndExcluding: "20.4.2.1", versionStartIncluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", matchCriteriaId: "D2D89973-94AF-4BE7-8245-275F3FEB30F4", versionEndExcluding: "20.5.1.1", versionStartIncluding: "20.5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", matchCriteriaId: "91A9A889-2C2B-4147-8108-C35291761C15", versionEndExcluding: "20.6.2.1", versionStartIncluding: "20.6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:*:*:*:*:*:*:*:*", matchCriteriaId: "D0EEA1EC-C63C-4C7D-BFAE-BA4556332242", versionEndExcluding: "3.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central:*:*:*:*:*:*:*:*", matchCriteriaId: "ACE22D97-42FA-4179-99E5-C2EE582DB7FF", versionEndExcluding: "2.0\\(1p\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_director:*:*:*:*:*:*:*:*", matchCriteriaId: "F6B5DB6D-9E7D-4403-8028-D7DA7493716B", versionEndExcluding: "6.8.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:-:*:*:*", matchCriteriaId: "B98D7AD5-0590-43FB-8AC0-376C9C500C15", versionEndExcluding: "11.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:session_management:*:*:*", matchCriteriaId: "D9DA1900-9972-4DFD-BE2E-74DABA1ED9A9", versionEndExcluding: "11.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "42A41C41-A370-4C0E-A49D-AD42B2F3FB5C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:-:*:*:*", matchCriteriaId: "7E958AFF-185D-4D55-B74B-485BEAEC42FD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:session_management:*:*:*", matchCriteriaId: "F770709C-FFB2-4A4E-A2D8-2EAA23F2E87C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su3:*:*:*:*:*:*:*", matchCriteriaId: "B85B81F9-8837-426E-8639-AB0712CD1A96", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:*:*:*:*:*:*:*:*", matchCriteriaId: "C1CCCD27-A247-4720-A2FE-C8ED55D1D0DE", versionEndExcluding: "11.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:11.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "34D89C42-AAD9-4B04-9F95-F77681E39553", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:*:*:*:*:*:*:*:*", matchCriteriaId: "897C8893-B0B6-4D6E-8D70-31B421D80B9A", versionEndExcluding: "11.6\\(2\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:11.6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "91D62A73-21B5-4D16-A07A-69AED2D40CC0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_express:*:*:*:*:*:*:*:*", matchCriteriaId: "B0492049-D3AC-4512-A4BF-C9C26DA72CB0", versionEndExcluding: "12.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:*:*:*:*:*:*:*:*", matchCriteriaId: "3868A8AA-6660-4332-AB0C-089C150D00E7", versionEndExcluding: "11.6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:11.6:*:*:*:*:*:*:*", matchCriteriaId: "58BD72D6-4A79-49C9-9652-AB0136A591FA", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:12.0:*:*:*:*:*:*:*", matchCriteriaId: "A32761FD-B435-4E51-807C-2B245857F90E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:12.5:*:*:*:*:*:*:*", matchCriteriaId: "154F7F71-53C5-441C-8F5C-0A82CB0DEC43", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*", matchCriteriaId: "65FD3873-2663-4C49-878F-7C65D4B8E455", versionEndExcluding: "11.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:video_surveillance_operations_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0886FB04-24AA-4995-BA53-1E44F94E114E", versionEndExcluding: "7.14.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:virtual_topology_system:*:*:*:*:*:*:*:*", matchCriteriaId: "C61805C1-1F73-462C-A9CA-BB0CA4E57D0B", versionEndExcluding: "2.6.7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:virtualized_infrastructure_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5EB39834-0F6D-4BD7-AFEC-DD8BEE46DA50", versionEndExcluding: "3.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:virtualized_infrastructure_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0B78DD21-15F2-47A4-8A99-6DB6756920AC", versionEndExcluding: "3.4.4", versionStartIncluding: "3.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:virtualized_voice_browser:*:*:*:*:*:*:*:*", matchCriteriaId: "7C6222EB-36E1-4CD5-BD69-5A921ED5DA6A", versionEndExcluding: "12.5\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "C200CABD-F91B-49C4-A262-C56370E44B4C", versionEndExcluding: "7.3.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:*:*:*:*:*:*:*:*", matchCriteriaId: "DE22BE9B-374E-43DC-BA91-E3B9699A4C7C", versionEndExcluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:-:*:*:*:*:*:*", matchCriteriaId: "61D1081F-87E8-4E8B-BEBD-0F239E745586", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release1:*:*:*:*:*:*", matchCriteriaId: "8D138973-02B0-4FEC-A646-FF1278DA1EDF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release2:*:*:*:*:*:*", matchCriteriaId: "30B55A5B-8C5E-4ECB-9C85-A8A3A3030850", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:*:*:*:*:*:*", matchCriteriaId: "14DBEC10-0641-441C-BE15-8F72C1762DCE", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:-:*:*:*:*:*", matchCriteriaId: "205C1ABA-2A4F-480F-9768-7E3EC43B03F5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_security_patch4:*:*:*:*:*:*", matchCriteriaId: "D36FE453-C43F-448B-8A59-668DE95468C0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_security_patch5:*:*:*:*:*:*", matchCriteriaId: "E8DF0944-365F-4149-9059-BDFD6B131DC5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_2:*:*:*:*:*:*", matchCriteriaId: "6B37AA08-13C7-4FD0-8402-E344A270C8F7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_3:*:*:*:*:*:*", matchCriteriaId: "2AA56735-5A5E-4D8C-B09D-DBDAC2B5C8E9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release4:*:*:*:*:*:*", matchCriteriaId: "4646849B-8190-4798-833C-F367E28C1881", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:4.0:-:*:*:*:*:*:*", matchCriteriaId: "4D6CF856-093A-4E89-A71D-50A2887C265B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release1:*:*:*:*:*:*", matchCriteriaId: "B36A9043-0621-43CD-BFCD-66529F937859", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release2:*:*:*:*:*:*", matchCriteriaId: "8842B42E-C412-4356-9F54-DFC53B683D3E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release3:*:*:*:*:*:*", matchCriteriaId: "D25BC647-C569-46E5-AD45-7E315EBEB784", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:workload_optimization_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B468EDA1-CDEF-44D4-9D62-C433CF27F631", versionEndExcluding: "3.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:unified_intelligence_center:*:*:*:*:*:*:*:*", matchCriteriaId: "C90C6CD1-4678-4621-866B-F0CE819C8000", versionEndExcluding: "12.6\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:unified_sip_proxy:*:*:*:*:*:*:*:*", matchCriteriaId: "9E4905E2-2129-469C-8BBD-EDA258815E2B", versionEndExcluding: "10.2.1v2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:unified_workforce_optimization:*:*:*:*:*:*:*:*", matchCriteriaId: "EC86AC6C-7C08-4EB9-A588-A034113E4BB1", versionEndExcluding: "11.5\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "727A02E8-40A1-4DFE-A3A2-91D628D3044F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", matchCriteriaId: "19F6546E-28F4-40DC-97D6-E0E023FE939B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*", matchCriteriaId: "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:fxos:6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "82C8AD48-0130-4C20-ADEC-697668E2293B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:6.3.0:*:*:*:*:*:*:*", matchCriteriaId: "4E75EF7C-8D71-4D70-91F0-74FC99A90CC3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:6.4.0:*:*:*:*:*:*:*", matchCriteriaId: "2DB7EE7D-8CB4-4804-9F9D-F235608E86E1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:6.5.0:*:*:*:*:*:*:*", matchCriteriaId: "77571973-2A94-4E15-AC5B-155679C3C565", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CA405A50-3F31-48ED-9AF1-4B02F5B367DE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:6.7.0:*:*:*:*:*:*:*", matchCriteriaId: "D3753953-04E8-4382-A6EC-CD334DD83CF4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B4A5F89F-1296-4A0F-A36D-082A481F190F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:7.1.0:*:*:*:*:*:*:*", matchCriteriaId: "F50F48AF-44FF-425C-9685-E386F956C901", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:automated_subsea_tuning:02.01.00:*:*:*:*:*:*:*", matchCriteriaId: "A4D28E76-56D4-4C9A-A660-7CD7E0A1AC9F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:broadworks:-:*:*:*:*:*:*:*", matchCriteriaId: "CD975A0E-00A6-475E-9064-1D64E4291499", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_suite:4.10\\(0.15\\):*:*:*:*:*:*:*", matchCriteriaId: "2E50AC21-DA54-4BC8-A503-1935FD1714C7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_suite:5.3\\(0\\):*:*:*:*:*:*:*", matchCriteriaId: "4D05E169-4AF1-4127-A917-056EC2CE781B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_suite:5.4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "8AD415A2-422E-4F15-A177-C3696FEAFF0C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_suite:5.5\\(0\\):*:*:*:*:*:*:*", matchCriteriaId: "134443B7-7BA8-4B50-8874-D4BF931BECFD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cloudcenter_suite:5.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "73ADF6EA-CD29-4835-8D72-84241D513AFF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.000\\):*:*:*:*:*:*:*", matchCriteriaId: "BAC1A386-04C7-45B2-A883-1CD9AB60C14B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.001\\):*:*:*:*:*:*:*", matchCriteriaId: "3F0F1639-D69E-473A-8926-827CCF73ACC9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.002\\):*:*:*:*:*:*:*", matchCriteriaId: "F4FDF900-E9D6-454A-BF6B-821620CA59F4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.000\\):*:*:*:*:*:*:*", matchCriteriaId: "1859BD43-BA2B-45A5-B523-C6BFD34C7B01", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.001\\):*:*:*:*:*:*:*", matchCriteriaId: "1EBC145C-9A2F-4B76-953E-0F690314511C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.002\\):*:*:*:*:*:*:*", matchCriteriaId: "158B7A53-FEC1-4B42-A1E2-E83E99564B07", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:common_services_platform_collector:002.010\\(000.000\\):*:*:*:*:*:*:*", matchCriteriaId: "3A378971-1A08-4914-B012-8E24DCDEFC68", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.004.000.003:*:*:*:*:*:*:*", matchCriteriaId: "4E5CC012-DC85-481A-B82A-9323C19674DA", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.005.000.:*:*:*:*:*:*:*", matchCriteriaId: "76CF59ED-685D-46CD-80A2-AEDA4F03FE53", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.005.000.000:*:*:*:*:*:*:*", matchCriteriaId: "960B07C0-E205-47E7-B578-46A0AF559D04", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.000.001:*:*:*:*:*:*:*", matchCriteriaId: "A1A194E1-405E-47FA-8CDF-58EB78883ACC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.001.000:*:*:*:*:*:*:*", matchCriteriaId: "2E628231-61FB-40AF-A20B-00F5CB78E63B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.002.000:*:*:*:*:*:*:*", matchCriteriaId: "2EA25E92-2C76-4722-BA06-53F33C0D961C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:7.3:*:*:*:*:*:*:*", matchCriteriaId: "51D2940A-0D03-415B-B72E-1F6862DDAC41", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.000:*:*:*:*:*:*:*", matchCriteriaId: "8B346ADC-00BE-4409-B658-A11351D2A7D4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.001.001:*:*:*:*:*:*:*", matchCriteriaId: "5A0E44A9-C427-493B-868A-8A8DA405E759", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.003:*:*:*:*:*:*:*", matchCriteriaId: "B2B31E7C-0EB3-4996-8859-DF94A3EE20B3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000:*:*:*:*:*:*:*", matchCriteriaId: "3EAB3E03-275F-4942-9396-FC7A22F42C8D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000.000.004:*:*:*:*:*:*:*", matchCriteriaId: "19DAD751-D170-4914-BAB2-6054DFEEF404", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_automation:-:*:*:*:*:*:*:*", matchCriteriaId: "2F429F37-3576-4D8A-9901-359D65EC3CF4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_automation:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "F526DEF1-4A3E-4FE1-8153-E9252DAE5B92", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_automation:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "C19679D0-F4DC-4130-AFFD-692E5130531A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_automation:4.1.0:*:*:*:*:*:*:*", matchCriteriaId: "60D2FBF3-D8AB-41F0-B170-9E56FBF7E2F7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_network_automation:4.1.1:*:*:*:*:*:*:*", matchCriteriaId: "F60324DD-8450-4B14-A7A1-0D5EA5163580", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cx_cloud_agent:001.012:*:*:*:*:*:*:*", matchCriteriaId: "12F6DFD1-273B-4292-A22C-F2BE0DD3FB3F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cyber_vision:4.0.2:*:*:*:*:*:*:*", matchCriteriaId: "13EA024C-97A4-4D33-BC3E-51DB77C51E76", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:cyber_vision_sensor_management_extension:4.0.2:*:*:*:*:*:*:*", matchCriteriaId: "85289E35-C7C2-46D0-9BDC-10648DD2C86F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_center:2.2.2.8:*:*:*:*:*:*:*", matchCriteriaId: "17282822-C082-4FBC-B46D-468DCF8EF6B8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_spaces:-:*:*:*:*:*:*:*", matchCriteriaId: "F5463DA6-5D44-4C32-B46C-E8A2ADD7646B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:dna_spaces_connector:-:*:*:*:*:*:*:*", matchCriteriaId: "54A237CF-A439-4114-AF81-D75582F29573", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:emergency_responder:11.5:*:*:*:*:*:*:*", matchCriteriaId: "A37D19BF-E4F5-4AF4-8942-0C3B62C4BF2B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:emergency_responder:11.5\\(4.65000.14\\):*:*:*:*:*:*:*", matchCriteriaId: "EF25688B-6659-4C7C-866D-79AA1166AD7A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:emergency_responder:11.5\\(4.66000.14\\):*:*:*:*:*:*:*", matchCriteriaId: "47B70741-90D9-4676-BF16-8A21E147F532", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:enterprise_chat_and_email:12.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "ED862A1B-E558-4D44-839C-270488E735BB", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:enterprise_chat_and_email:12.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2678AF98-1194-4810-9933-5BA50E409F88", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:enterprise_chat_and_email:12.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "37E7DEBD-9E47-4D08-86BC-D1B013450A98", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0:*:*:*:*:*:*:*", matchCriteriaId: "1A935862-18F7-45FE-B647-1A9BA454E304", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1:*:*:*:*:*:*:*", matchCriteriaId: "69594997-2568-4C10-A411-69A50BFD175F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0:*:*:*:*:*:*:*", matchCriteriaId: "1EC39E2D-C47B-4311-BC7B-130D432549F4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1:*:*:*:*:*:*:*", matchCriteriaId: "EE5E6CBE-D82C-4001-87CB-73DF526F0AB1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0:*:*:*:*:*:*:*", matchCriteriaId: "460E6456-0E51-45BC-868E-DEEA5E3CD366", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1:*:*:*:*:*:*:*", matchCriteriaId: "F7F58659-A318-42A0-83C5-8F09FCD78982", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.5\\(1\\):su1:*:*:*:*:*:*", matchCriteriaId: "D8A49E46-8501-4697-A17A-249A7D9F5A0B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.5\\(1\\):su2:*:*:*:*:*:*", matchCriteriaId: "5D81E7A9-0C2B-4603-91F0-ABF2380DBBA3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.6\\(1\\):-:*:*:*:*:*:*", matchCriteriaId: "4DFCE723-9359-40C7-BA35-B71BDF8E3CF3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es01:*:*:*:*:*:*", matchCriteriaId: "28B1524E-FDCA-4570-86DD-CE396271B232", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es02:*:*:*:*:*:*", matchCriteriaId: "74DC6F28-BFEF-4D89-93D5-10072DAC39C8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es03:*:*:*:*:*:*", matchCriteriaId: "BA1D60D7-1B4A-4EEE-A26C-389D9271E005", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "1D726F07-06F1-4B0A-B010-E607E0C2A280", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0:*:*:*:*:*:*:*", matchCriteriaId: "3ED58B0E-FCC7-48E3-A5C0-6CC54A38BAE3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*", matchCriteriaId: "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0:*:*:*:*:*:*:*", matchCriteriaId: "41E168ED-D664-4749-805E-77644407EAFE", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*", matchCriteriaId: "DCD69468-8067-4A5D-B2B0-EC510D889AA0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*", matchCriteriaId: "85F22403-B4EE-4303-9C94-915D3E0AC944", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BBCA75A6-0A3E-4393-8884-9F3CE190641E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*", matchCriteriaId: "D619BF54-1BA9-45D0-A876-92D7010088A0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:002.004\\(000.914\\):-:*:*:*:*:*:*", matchCriteriaId: "808F8065-BD3A-4802-83F9-CE132EDB8D34", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:002.006\\(000.156\\):-:*:*:*:*:*:*", matchCriteriaId: "B236B13E-93B9-424E-926C-95D3DBC6CA5D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:002.007\\(000.356\\):-:*:*:*:*:*:*", matchCriteriaId: "8A63CC83-0A6E-4F33-A1BE-214A33B51518", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:003.000\\(000.458\\):-:*:*:*:*:*:*", matchCriteriaId: "37DB7759-6529-46DE-B384-10F060D86A97", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:003.001\\(000.518\\):-:*:*:*:*:*:*", matchCriteriaId: "8C640AD9-146E-488A-B166-A6BB940F97D3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:identity_services_engine:003.002\\(000.116\\):-:*:*:*:*:*:*", matchCriteriaId: "DAC1FA7E-CB1B-46E5-A248-ABACECFBD6E8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:integrated_management_controller_supervisor:002.003\\(002.000\\):*:*:*:*:*:*:*", matchCriteriaId: "7C3BD5AF-9FC1-494B-A676-CC3D4B8EAC8D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.3.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F477CACA-2AA0-417C-830D-F2D3AE93153A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:intersight_virtual_appliance:1.0.9-343:*:*:*:*:*:*:*", matchCriteriaId: "7E3BE5E1-A6B6-46C7-B93B-8A9F5AEA2731", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:mobility_services_engine:-:*:*:*:*:*:*:*", matchCriteriaId: "04E0BB7B-0716-4DBD-89B9-BA11AAD77C00", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_assurance_engine:6.0\\(2.1912\\):*:*:*:*:*:*:*", matchCriteriaId: "64C98A76-0C31-45E7-882B-35AE0D2C5430", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "379F8D86-BE87-4250-9E85-494D331A0398", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "71F69E51-E59D-4AE3-B242-D6D2CFDB3F46", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "578DA613-8E15-4748-A4B7-646415449609", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "544EFAD6-CE2F-4E1D-9A00-043454B72889", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2E16DF9C-3B64-4220-82B6-6E20C7807BAA", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B9CD5B8A-9846-48F1-9495-77081E44CBFC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "68E6CD49-6F71-4E17-B046-FBE91CE91CB7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "0BDD8018-7E77-4C89-917E-ACDC678A7DE2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_insights_for_data_center:6.0\\(2.1914\\):*:*:*:*:*:*:*", matchCriteriaId: "A7D39156-A47D-405E-8C02-CAE7D637F99A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:network_services_orchestrator:-:*:*:*:*:*:*:*", matchCriteriaId: "5426FC59-411D-4963-AFEF-5B55F68B8958", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:optical_network_controller:1.1:*:*:*:*:*:*:*", matchCriteriaId: "810E9A92-4302-4396-94D3-3003947DB2A7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:8.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "522C36A5-7520-4368-BD92-9AB577756493", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:8.4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "CB2EC4BE-FFAF-4605-8A96-2FEF35975540", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:8.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "CA1D3C2A-E5FA-400C-AC01-27A3E5160477", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:9.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "63B27050-997B-4D54-8E5A-CE9E33904318", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:9.0\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "5ABF05B8-1B8A-4CCF-A1AD-D8602A247718", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:9.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2F74580D-0011-4ED9-9A00-B4CDB6685154", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:12.5\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "17A3C22E-1980-49B6-8985-9FA76A77A836", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:paging_server:14.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B1AB42DC-CE58-448A-A6B5-56F31B15F4A0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:prime_service_catalog:12.1:*:*:*:*:*:*:*", matchCriteriaId: "9DC32B55-0C76-4669-8EAD-DCC16355E887", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.3:*:*:*:*:*:*:*", matchCriteriaId: "6CDA737F-337E-4C30-B68D-EF908A8D6840", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.4:*:*:*:*:*:*:*", matchCriteriaId: "9DC5A89C-CCCF-49EC-B4FC-AB98ACB79233", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.5:*:*:*:*:*:*:*", matchCriteriaId: "4BA4F513-CBA1-4523-978B-D498CEDAE0CF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.6:*:*:*:*:*:*:*", matchCriteriaId: "6C53C6FD-B98E-4F7E-BA4D-391C90CF9E83", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.6.1:*:*:*:*:*:*:*", matchCriteriaId: "D00F6719-2C73-4D8D-8505-B9922E8A4627", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.7:*:*:*:*:*:*:*", matchCriteriaId: "EFE9210F-39C5-4828-9608-6905C1D378D4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:sd-wan_vmanage:20.8:*:*:*:*:*:*:*", matchCriteriaId: "A1CEDCE4-CFD1-434B-B157-D63329CBA24A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:3.1.2:*:*:*:*:*:*:*", matchCriteriaId: "33660EB8-2984-4258-B8AD-141B7065C85E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:3.1.3:*:*:*:*:*:*:*", matchCriteriaId: "0ACA346D-5103-47F0-8BD9-7A8AD9B92E98", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:3.1.4:*:*:*:*:*:*:*", matchCriteriaId: "A38BDF03-23C8-4BB6-A44D-68818962E7CB", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:3.1.5:*:*:*:*:*:*:*", matchCriteriaId: "3104C099-FEDA-466B-93CC-D55F058F7CD3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:3.2.1:*:*:*:*:*:*:*", matchCriteriaId: "890EA1C7-5990-4C71-857F-197E6F5B4089", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:smart_phy:21.3:*:*:*:*:*:*:*", matchCriteriaId: "56F21CF4-83FE-4529-9871-0FDD70D3095E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0:*:*:*:*:*:*:*", matchCriteriaId: "B9331834-9EAD-46A1-9BD4-F4027E49D0C3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "0E707E44-12CD-46C3-9124-639D0265432E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "2FEE8482-DB64-4421-B646-9E5F560D1712", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "4385CE6E-6283-4621-BBD9-8E66E2A34843", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "9A6CDBD4-889B-442D-B272-C8E9A1B6AEC0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1e\\):*:*:*:*:*:*:*", matchCriteriaId: "FF1E59F9-CF4F-4EFB-872C-5F503A04CCF4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1f\\):*:*:*:*:*:*:*", matchCriteriaId: "1782219F-0C3D-45B7-80C7-D1DAA70D90B1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1g\\):*:*:*:*:*:*:*", matchCriteriaId: "DDAB3BAD-1EC6-4101-A58D-42DA48D04D0C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1h\\):*:*:*:*:*:*:*", matchCriteriaId: "8F7AA674-6BC2-490F-8D8A-F575B11F4BE0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1k\\):*:*:*:*:*:*:*", matchCriteriaId: "6945C4DE-C070-453E-B641-2F5B9CFA3B6D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1l\\):*:*:*:*:*:*:*", matchCriteriaId: "DAB8C7C0-D09B-4232-A88E-57D25AF45457", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.17900.52\\):*:*:*:*:*:*:*", matchCriteriaId: "ACEDB7B4-EBD4-4A37-9EE3-07EE3B46BE44", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.18119.2\\):*:*:*:*:*:*:*", matchCriteriaId: "820D579C-AA45-4DC1-945A-748FFCD51CA2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.18900.97\\):*:*:*:*:*:*:*", matchCriteriaId: "7B23A9A6-CD04-4D76-BE3F-AFAFBB525F5E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.21900.40\\):*:*:*:*:*:*:*", matchCriteriaId: "A44E6007-7A3A-4AD3-9A65-246C59B73FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.22900.28\\):*:*:*:*:*:*:*", matchCriteriaId: "3D508E51-4075-4E34-BB7C-65AF9D56B49F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager_im_\\&_presence_service:11.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "376D06D5-D68E-4FF0-97E5-CBA2165A05CF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_communications_manager_im_\\&_presence_service:11.5\\(1.22900.6\\):*:*:*:*:*:*:*", matchCriteriaId: "18ED6B8F-2064-4BBA-A78D-4408F13C724D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_computing_system:006.008\\(001.000\\):*:*:*:*:*:*:*", matchCriteriaId: "94091FE3-AB88-4CF5-8C4C-77B349E716A9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:11.6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "91D62A73-21B5-4D16-A07A-69AED2D40CC0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "53F1314A-9A2C-43DC-8203-E4654EF013CC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "0ADE468B-8F0C-490D-BB4C-358D947BA8E4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "32FEE78D-309E-491D-9AB6-98005F1CBF49", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "878D9901-675D-4444-B094-0BA505E7433F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):-:*:*:*:*:*:*", matchCriteriaId: "66E25EE4-AB7B-42BF-A703-0C2E83E83577", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):su1:*:*:*:*:*:*", matchCriteriaId: "D8F35520-F04A-4863-A1BC-0EDD2D1804F7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_express:12.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "EF9855FD-7747-4D9E-9542-703B1EC9A382", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_express:12.6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "E07AF386-D8A5-44F5-A418-940C9F88A36A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_management_portal:12.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "113C77DA-AC22-4D67-9812-8510EFC0A95F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:11.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "4BE221AB-A3B0-4CFF-9BC0-777773C2EF63", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:12.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "15941265-1E7E-4C3E-AF1D-027C5E0D3141", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:12.5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "54AA2B0C-92A1-4B53-88D7-6E31120F5041", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_customer_voice_portal:12.6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F9BD7207-85FB-4484-8720-4D11F296AC10", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):-:*:*:*:*:*:*", matchCriteriaId: "62E009C4-BE3E-4A14-91EF-8F667B2220A7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):es01:*:*:*:*:*:*", matchCriteriaId: "088512E1-434D-4685-992E-192A98ECAD9A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):es02:*:*:*:*:*:*", matchCriteriaId: "50A7BBC6-077C-4182-AA7A-577C4AAC3CD8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(2\\):-:*:*:*:*:*:*", matchCriteriaId: "E0536F45-3A49-4F93-942E-AF679DFC7017", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_sip_proxy:010.000\\(000\\):*:*:*:*:*:*:*", matchCriteriaId: "3D54794B-6CD5-46D7-B9E9-62A642143562", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_sip_proxy:010.000\\(001\\):*:*:*:*:*:*:*", matchCriteriaId: "BE844DCA-FF52-43F5-BDD9-836A812A8CFF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_sip_proxy:010.002\\(000\\):*:*:*:*:*:*:*", matchCriteriaId: "07B261EB-CA63-4796-BD15-A6770FD68B34", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_sip_proxy:010.002\\(001\\):*:*:*:*:*:*:*", matchCriteriaId: "29F9067A-B86C-4A6B-ACB7-DB125E04B795", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_workforce_optimization:11.5\\(1\\):sr7:*:*:*:*:*:*", matchCriteriaId: "FAC4CC92-8BA0-4D96-9C48-5E311CDED53F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unity_connection:11.5:*:*:*:*:*:*:*", matchCriteriaId: "8F2437A5-217A-4CD1-9B72-A31BDDC81F42", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unity_connection:11.5\\(1.10000.6\\):*:*:*:*:*:*:*", matchCriteriaId: "9C3CFF0D-BD70-4353-AE2F-6C55F8DE56A2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(1.26\\):*:*:*:*:*:*:*", matchCriteriaId: "2CE47760-0E71-4FCA-97D1-CF0BB71CAC17", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(2.26\\):*:*:*:*:*:*:*", matchCriteriaId: "89B2D4F5-CB86-4B25-8C14-CED59E8A3F22", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(3.025\\):*:*:*:*:*:*:*", matchCriteriaId: "B150B636-6267-4504-940F-DC37ABEFB082", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(4.018\\):*:*:*:*:*:*:*", matchCriteriaId: "D00B9911-A7CA-467E-B7A3-3AF31828D5D9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:virtual_topology_system:2.6.6:*:*:*:*:*:*:*", matchCriteriaId: "B67C08C3-412F-4B7F-B98C-EEAEE77CBE4B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.1.3:*:*:*:*:*:*:*", matchCriteriaId: "6D428C9B-53E1-4D26-BB4D-57FDE02FA613", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "CDB41596-FACF-440A-BB6C-8CAD792EC186", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.2.2:*:*:*:*:*:*:*", matchCriteriaId: "D8C88EE2-5702-4E8B-A144-CB485435FD62", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.2.3:*:*:*:*:*:*:*", matchCriteriaId: "1BC62844-C608-4DB1-A1AD-C1B55128C560", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.3:*:*:*:*:*:*:*", matchCriteriaId: "EFF2FFA4-358A-4F33-BC67-A9EF8A30714E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.4:*:*:*:*:*:*:*", matchCriteriaId: "53C0BBDE-795E-4754-BB96-4D6D4B5A804F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.5:*:*:*:*:*:*:*", matchCriteriaId: "7A41E377-16F9-423F-8DC2-F6EDD54E1069", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:wan_automation_engine:7.6:*:*:*:*:*:*:*", matchCriteriaId: "F0C2789E-255B-45D9-9469-B5B549A01F53", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:3.0:*:*:*:*:*:*:*", matchCriteriaId: "EFAFEC61-2128-4BFA-992D-54742BD4911A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webex_meetings_server:4.0:*:*:*:*:*:*:*", matchCriteriaId: "F12AF70E-2201-4F5D-A929-A1A057B74252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:snowsoftware:snow_commander:*:*:*:*:*:*:*:*", matchCriteriaId: "A2CBCDC4-02DF-47F4-A01C-7CBCB2FF0163", versionEndExcluding: "8.10.0", vulnerable: true, }, { criteria: "cpe:2.3:a:snowsoftware:vm_access_proxy:*:*:*:*:*:*:*:*", matchCriteriaId: "C42D44C8-9894-4183-969B-B38FDA1FEDF9", versionEndExcluding: "3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:bentley:synchro:*:*:*:*:pro:*:*:*", matchCriteriaId: "8CD3B3D3-CC14-4278-9914-F7C6E86D3119", versionEndExcluding: "6.4.3.2", versionStartIncluding: "6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:bentley:synchro_4d:*:*:*:*:pro:*:*:*", matchCriteriaId: "0C5D6BF7-A818-4C7D-A305-91EB622271AC", versionEndExcluding: "6.2.4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:percussion:rhythmyx:*:*:*:*:*:*:*:*", matchCriteriaId: "16E0A04D-30BE-4AB3-85A1-13AF614C425C", versionEndIncluding: "7.3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*", matchCriteriaId: "E0755E91-2F36-4EC3-8727-E8BF0427E663", versionEndExcluding: "13.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.", }, { lang: "es", value: "Las características JNDI de Apache Log4j2 2.0-beta9 hasta 2.15.0 (excluyendo las versiones de seguridad 2.12.2, 2.12.3 y 2.3.1) utilizadas en la configuración, los mensajes de registro y los parámetros no protegen contra LDAP controlado por un atacante y otros puntos finales relacionados con JNDI. Un atacante que pueda controlar los mensajes de registro o los parámetros de los mensajes de registro puede ejecutar código arbitrario cargado desde servidores LDAP cuando la sustitución de la búsqueda de mensajes está habilitada. A partir de la versión 2.15.0 de log4j, este comportamiento ha sido deshabilitado por defecto. A partir de la versión 2.16.0 (junto con las versiones 2.12.2, 2.12.3 y 2.3.1), esta funcionalidad se ha eliminado por completo. Tenga en cuenta que esta vulnerabilidad es específica de log4j-core y no afecta a log4net, log4cxx u otros proyectos de Apache Logging Services", }, ], id: "CVE-2021-44228", lastModified: "2025-02-04T15:15:13.773", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2021-12-10T10:15:09.143", references: [ { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html", }, { source: "security@apache.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Dec/2", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Jul/11", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Mar/23", }, { source: "security@apache.org", tags: [ "Mailing List", "Mitigation", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/1", }, { source: "security@apache.org", tags: [ "Mailing List", "Mitigation", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/2", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/3", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/1", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/2", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/14/4", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/15/3", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://github.com/cisagov/log4j-affected-db", }, { source: "security@apache.org", tags: [ "Broken Link", "Product", "US Government Resource", ], url: "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html", }, { source: "security@apache.org", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/", }, { source: "security@apache.org", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/", }, { source: "security@apache.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://logging.apache.org/log4j/2.x/security.html", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", "Vendor Advisory", ], url: "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211210-0007/", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213189", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Broken Link", "Exploit", "Third Party Advisory", ], url: "https://twitter.com/kurtseifried/status/1469345530182455296", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5020", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/930724", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Dec/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Jul/11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/Mar/23", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Mitigation", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Mitigation", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/10/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/13/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/14/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/15/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/cisagov/log4j-affected-db", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Product", "US Government Resource", ], url: "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://logging.apache.org/log4j/2.x/security.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "Vendor Advisory", ], url: "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211210-0007/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213189", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Exploit", "Third Party Advisory", ], url: "https://twitter.com/kurtseifried/status/1469345530182455296", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5020", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/930724", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, { lang: "en", value: "CWE-400", }, { lang: "en", value: "CWE-502", }, ], source: "security@apache.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-917", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-04 13:15
Modified
2024-11-21 05:01
Severity ?
Summary
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*", matchCriteriaId: "CED3C1F7-6FFA-44D1-BC56-2BB1963F3B9F", versionEndExcluding: "4.2.8", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*", matchCriteriaId: "CB8D7864-41B0-443E-96CF-B011B95223F0", versionEndExcluding: "4.3.100", versionStartIncluding: "4.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*", matchCriteriaId: "EEA51D83-5841-4335-AF07-7A43C118CAAE", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*", matchCriteriaId: "C855BBD2-2B38-4EFF-9DBE-CA61CCACD0DE", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*", matchCriteriaId: "49ADE0C3-F75C-4EC0-8805-56013F0EB92C", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*", matchCriteriaId: "D8FF625A-EFA3-43D1-8698-4A37AE31A07C", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*", matchCriteriaId: "E3B99BBD-97FE-4615-905A-A614592226F8", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*", matchCriteriaId: "E7A9AD3A-F030-4331-B52A-518BD963AB8A", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*", matchCriteriaId: "C293B8BE-6691-4944-BCD6-25EB98CABC73", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*", matchCriteriaId: "CEA650F8-2576-494A-A861-61572CA319D0", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*", matchCriteriaId: "4ED21EE8-7CBF-4BC5-BFC3-185D41296238", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p10:*:*:*:*:*:*", matchCriteriaId: "0BC62D4E-D519-458C-BE4E-10DDB73A97D3", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p11:*:*:*:*:*:*", matchCriteriaId: "1C420117-862A-41A9-BAE8-8B3478FAEBC3", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p12:*:*:*:*:*:*", matchCriteriaId: "4A484251-3220-498C-83FE-A04B013A31A4", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p13:*:*:*:*:*:*", matchCriteriaId: "E0CE4157-852B-42ED-A77C-8A17B189432E", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*", matchCriteriaId: "C76A0B44-13DE-4173-8D05-DA54F6A71759", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*", matchCriteriaId: "1450241C-2F6D-4122-B33C-D78D065BA403", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*", matchCriteriaId: "721AFD22-91D3-488E-A5E6-DD84C86E412B", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*", matchCriteriaId: "8D6ADDB1-2E96-4FF6-AE95-4B06654D38B0", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*", matchCriteriaId: "41E44E9F-6383-4E12-AEDC-B653FEA77A48", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*", matchCriteriaId: "466D9A37-2658-4695-9429-0C6BF4A631C2", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*", matchCriteriaId: "99774181-5F12-446C-AC2C-DB1C52295EED", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*", matchCriteriaId: "4427EE6D-3F79-4FF5-B3EC-EE6BD01562CE", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p4:*:*:*:*:*:*", matchCriteriaId: "99C71C00-7222-483B-AEFB-159337BD3C92", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p5:*:*:*:*:*:*", matchCriteriaId: "75A9AA28-1B20-44BB-815C-7294A53E910E", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p6:*:*:*:*:*:*", matchCriteriaId: "8C213794-111D-41F3-916C-AD97F731D600", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p7:*:*:*:*:*:*", matchCriteriaId: "50811A7B-0379-4437-8737-B4C1ACBC9EFD", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p8:*:*:*:*:*:*", matchCriteriaId: "F12E4CF5-536C-416B-AD8D-6AE7CBE22C71", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.2.8:p9:*:*:*:*:*:*", matchCriteriaId: "EE002C76-406D-4F22-B738-E17BDEA70BCC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", matchCriteriaId: "1FE996B1-6951-4F85-AA58-B99A379D2163", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:data_ontap:-:*:*:*:*:7-mode:*:*", matchCriteriaId: "6C2ACC32-5147-4EA5-95BE-B6B4EAB3D82B", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "85DF4B3F-4BBC-42B7-B729-096934523D63", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*", matchCriteriaId: "A3C19813-E823-456A-B1CE-EC0684CE1953", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_tools:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "CBCC384C-5DF0-41AB-B17B-6E9B6CAE8065", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", matchCriteriaId: "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*", matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F921BC85-568E-4B69-A3CD-CF75C76672F1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7447BC-F315-4298-A822-549942FC118B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", matchCriteriaId: "CDDF61B7-EC5C-467C-B710-B89F502CD04F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6770B6C3-732E-4E22-BF1C-2D2FD610061C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", matchCriteriaId: "9F9C8C20-42EB-4AB5-BD97-212DEB070C43", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFF7106-ED78-49BA-9EC5-B889E3685D53", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", matchCriteriaId: "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "56409CEC-5A1E-4450-AA42-641E459CC2AF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", matchCriteriaId: "B06F4839-D16A-4A61-9BB5-55B13F41E47F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "108A2215-50FB-4074-94CF-C130FA14566D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*", matchCriteriaId: "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "32F0B6C0-F930-480D-962B-3F4EFDCC13C7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*", matchCriteriaId: "803BC414-B250-4E3A-A478-A3881340D6B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0FEB3337-BFDE-462A-908B-176F92053CEC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*", matchCriteriaId: "736AEAE9-782B-4F71-9893-DED53367E102", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D0B4AD8A-F172-4558-AEC6-FF424BA2D912", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", matchCriteriaId: "8497A4C9-8474-4A62-8331-3FE862ED4098", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", matchCriteriaId: "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5E63B7B2-409A-476E-BA12-2A2D2F3B85DE", versionEndExcluding: "xcp2410", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*", matchCriteriaId: "983D27DE-BC89-454E-AE47-95A26A3651E2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ADB5D4C9-DA14-4188-9181-17336F9445F6", versionEndExcluding: "xcp2410", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*", matchCriteriaId: "5825AEE1-B668-40BD-86A9-2799430C742C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0B65E2F3-57EC-46C0-BB4A-0A0F3F8D387E", versionEndExcluding: "xcp2410", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*", matchCriteriaId: "3DA2D526-BDCF-4A65-914A-B3BA3A0CD613", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "90B7CFBF-761C-4EAA-A322-EF5E294AADED", versionEndExcluding: "xcp2410", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*", matchCriteriaId: "EE0CF40B-E5BD-4558-9321-184D58EF621D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48B28ABF-7E1A-4A1E-8F78-0D95D7BDF886", versionEndExcluding: "xcp2410", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0F3C9C09-7B2B-4DB6-8BE0-35302ED35776", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E74AAF52-1388-4BD9-B17B-3A6A32CA3608", versionEndExcluding: "xcp2410", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*", matchCriteriaId: "95503CE5-1D06-4092-A60D-D310AADCAFB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0FC0460E-4695-44FB-99EE-28B2C957B760", versionEndExcluding: "xcp3110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*", matchCriteriaId: "5825AEE1-B668-40BD-86A9-2799430C742C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BD54A092-85A7-4459-9C69-19E6E24AC24B", versionEndExcluding: "xcp3110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*", matchCriteriaId: "3DA2D526-BDCF-4A65-914A-B3BA3A0CD613", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5F813DBC-BA1E-4C73-AA11-1BD3F9508372", versionEndExcluding: "xcp3110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*", matchCriteriaId: "EE0CF40B-E5BD-4558-9321-184D58EF621D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EFDF4F39-1C6C-4AD3-99CF-BD5B44B8C71B", versionEndExcluding: "xcp3110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*", matchCriteriaId: "0F3C9C09-7B2B-4DB6-8BE0-35302ED35776", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "416B805F-799A-4466-AC5A-93D083A2ABBD", versionEndExcluding: "xcp3110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*", matchCriteriaId: "95503CE5-1D06-4092-A60D-D310AADCAFB1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance.", }, { lang: "es", value: "ntpd en ntp versiones anteriores a 4.2.8p14 y versiones 4.3.x versiones anteriores a 4.3.100, permite a atacantes remotos causar una denegación de servicio (salida del demonio o cambio de hora del sistema) mediante la predicción de las marcas de tiempo de transmisión para su uso en paquetes falsificados. La víctima debe confiar en fuentes de tiempo IPv4 no autenticadas. Debe haber un atacante fuera de la ruta que pueda consultar el tiempo desde la instancia ntpd de la víctima", }, ], id: "CVE-2020-13817", lastModified: "2024-11-21T05:01:55.633", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "cve@mitre.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-04T13:15:11.053", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://support.ntp.org/bin/view/Main/NtpBug3596", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugs.ntp.org/show_bug.cgi?id=3596", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202007-12", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200625-0004/", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://support.ntp.org/bin/view/Main/NtpBug3596", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugs.ntp.org/show_bug.cgi?id=3596", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202007-12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200625-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-330", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-01 15:15
Modified
2024-11-21 05:59
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", matchCriteriaId: "A69D5FF1-A151-4AF6-B5E6-35EB45DC1852", versionEndExcluding: "9.4.39", versionStartIncluding: "7.2.2", vulnerable: true, }, { criteria: "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", matchCriteriaId: "3008A0E3-FBFC-49AA-8867-16BD10B125DB", versionEndExcluding: "10.0.2", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", matchCriteriaId: "1B8688FE-13CC-4598-913D-50EB38DDCBEC", versionEndExcluding: "11.0.2", versionStartIncluding: "11.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:autovue_for_agile_product_lifecycle_management:21.0.2:*:*:*:*:*:*:*", matchCriteriaId: "97994257-C9A4-4491-B362-E8B25B7187AB", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*", matchCriteriaId: "4479F76A-4B67-41CC-98C7-C76B81050F8E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_element_manager:8.2.2:*:*:*:*:*:*:*", matchCriteriaId: "19EEAA04-A7BD-4FFF-8B0B-CEE5EC09F75C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*", matchCriteriaId: "062E4E7C-55BB-46F3-8B61-5A663B565891", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F80CB000-C477-486C-838C-B2FE82647670", versionEndIncluding: "8.2.4.0", versionStartIncluding: "8.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "349C4D65-23E9-446A-8A36-94FF55686812", versionEndIncluding: "8.2.4.0", versionStartIncluding: "8.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:*:*:*:*:*:*:*:*", matchCriteriaId: "B5E43770-8F83-4077-9EB0-3BF4A19A2E75", versionEndExcluding: "21.3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:siebel_core_-_automation:*:*:*:*:*:*:*:*", matchCriteriaId: "BEAB4771-C33C-4151-AEAE-A6D2C892C3C8", versionEndIncluding: "21.9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", matchCriteriaId: "8E071B1A-A339-4622-9150-59F62B151353", versionEndExcluding: "2.277.3", vulnerable: true, }, { criteria: "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", matchCriteriaId: "EB777690-DCA0-4E68-B30E-E997A1281D4E", versionEndExcluding: "2.286", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:cloud_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C30E9A12-5B7B-42F6-B9D3-18DA133E5F4E", versionEndExcluding: "3.9.8", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:e-series_performance_analyzer:*:*:*:*:*:*:*:*", matchCriteriaId: "CC05F69D-6C6B-472D-87B7-84231F14CA8B", versionEndExcluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "D179365A-1E70-4B07-B882-FD082FE2AA58", versionEndExcluding: "11.70.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:e-series_santricity_storage:*:*:*:*:*:vcenter:*:*", matchCriteriaId: "3930F108-9019-4B4A-8918-6CE9F58551D2", versionEndExcluding: "1.10", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:e-series_santricity_web_services:*:*:*:*:*:web_services_proxy:*:*", matchCriteriaId: "FCB4EAC3-3114-43DF-89DA-879C7C578FB4", versionEndExcluding: "5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_tools:*:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "E28AE83F-D666-4EDC-A276-F78F3A73D716", versionEndExcluding: "9.10", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*", matchCriteriaId: "AB15BCF1-1B1D-49D8-9B76-46DCB10044DB", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:santricity_web_services_proxy:*:*:*:*:*:*:*:*", matchCriteriaId: "A21FA571-8C10-4633-802D-6C20A8290145", versionEndExcluding: "5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapcenter:*:*:*:*:*:*:*:*", matchCriteriaId: "04A544A2-C80D-488B-AC04-104F9FB3FA85", versionEndExcluding: "4.6", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "20E0A1CE-7467-4EAC-877D-D6D473AE0AA2", versionEndExcluding: "9.10", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*", matchCriteriaId: "8BC51CBC-4973-4145-945C-56035034D772", versionEndExcluding: "9.10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.", }, { lang: "es", value: "En Eclipse Jetty versiones 7.2.2 hasta 9.4.38, versiones 10.0.0.alpha0 hasta 10.0.1 y versiones 11.0.0.alpha0 hasta 11.0.1, el uso de CPU puede alcanzar el 100% al recibir una gran trama TLS no válida.", }, ], id: "CVE-2021-28165", lastModified: "2024-11-21T05:59:13.733", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "emo@eclipse.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-01T15:15:14.237", references: [ { source: "emo@eclipse.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/04/20/3", }, { source: "emo@eclipse.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-26vr-8j45-3r4w", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r002258611ed0c35b82b839d284b43db9dcdec120db8afc1c993137dc%40%3Cnotifications.zookeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r03ca0b69db1e3e5f72fe484b71370d537cd711cbf334e2913332730a%40%3Cissues.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r05db8e0ef01e1280cc7543575ae0fa1c2b4d06a8b928916ef65dd2ad%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r06d54a297cb8217c66e5190912a955fb870ba47da164002bf2baffe5%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r077b76cafb61520c14c87c4fc76419ed664002da0ddac5ad851ae7e7%40%3Cjira.kafka.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r0841b06b48324cfc81325de3c05a92e53f997185f9d71ff47734d961%40%3Cissues.solr.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r0a241b0649beef90d422b42a26a2470d336e59e66970eafd54f9c3e2%40%3Ccommits.zookeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r0a4797ba6ceea8074f47574a4f3cc11493d514c1fab8203ebd212add%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r0bf3aa065abd23960fc8bdc8090d6bc00d5e391cf94ec4e1f4537ae3%40%3Cjira.kafka.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r0cd1a5e3f4ad4770b44f8aa96572fc09d5b35bec149c0cc247579c42%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r0f02034a33076fd7243cf3a8807d2766e373f5cb2e7fd0c9a78f97c4%40%3Cissues.hbase.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r111f1ce28b133a8090ca4f809a1bdf18a777426fc058dc3a16c39c66%40%3Cissues.solr.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r17e26cf9a1e3cbc09522d15ece5d7c7a00cdced7641b92a22a783287%40%3Cissues.zookeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r23785214d47673b811ef119ca3a40f729801865ea1e891572d15faa6%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r2afc72af069a7fe89ca2de847f3ab3971cb1d668a9497c999946cd78%40%3Ccommits.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r2ea2f0541121f17e470a0184843720046c59d4bde6d42bf5ca6fad81%40%3Cissues.solr.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r2f2d9c3b7cc750a6763d6388bcf5db0c7b467bd8be6ac4d6aea4f0cf%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r31f591a0deac927ede8ccc3eac4bb92697ee2361bf01549f9e3440ca%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r33eb3889ca0aa12720355e64fc2f8f1e8c0c28a4d55b3b4b8891becb%40%3Ccommits.zookeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r40136c2010fccf4fb2818a965e5d7ecca470e5f525c232ec5b8eb83a%40%3Cjira.kafka.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r401b1c592f295b811608010a70792b11c91885b72af9f9410cffbe35%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r411d75dc6bcefadaaea246549dd18e8d391a880ddf28a796f09ce152%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r47a7542ab61da865fff3db0fe74bfe76c89a37b6e6d2c2a423f8baee%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r4891d45625cc522fe0eb764ac50d48bcca9c0db4805ea4a998d4c225%40%3Cissues.hbase.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r4a66bfbf62281e31bc1345ebecbfd96f35199eecd77bfe4e903e906f%40%3Cissues.ignite.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r4abbd760d24bab2b8f1294c5c9216ae915100099c4391ad64e9ae38b%40%3Cdev.hbase.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r4b1fef117bccc7f5fd4c45fd2cabc26838df823fe5ca94bc42a4fd46%40%3Cissues.ignite.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r520c56519b8820955a86966f499e7a0afcbcf669d6f7da59ef1eb155%40%3Ccommits.pulsar.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r56e5568ac73daedcb3b5affbb4b908999f03d3c1b1ada3920b01e959%40%3Cdev.zookeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r5b3693da7ecb8a75c0e930b4ca26a5f97aa0207d9dae4aa8cc65fe6b%40%3Cissues.ignite.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r5d1f16dca2e010193840068f1a1ec17b7015e91acc646607cbc0a4da%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r5f172f2dd8fb02f032ef4437218fd4f610605a3dd4f2a024c1e43b94%40%3Cissues.zookeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r64ff94118f6c80e6c085c6e2d51bbb490eaefad0642db8c936e4f0b7%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r6535b2beddf0ed2d263ab64ff365a5f790df135a1a2f45786417adb7%40%3Cdev.kafka.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r65daad30d13f7c56eb5c3d7733ad8dddbf62c469175410777a78d812%40%3Cjira.kafka.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r694e57d74fcaa48818a03c282aecfa13ae68340c798dfcb55cb7acc7%40%3Cdev.kafka.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r6ac9e263129328c0db9940d72b4a6062e703c58918dd34bd22cdf8dd%40%3Cissues.ignite.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r6b070441871a4e6ce8bb63e190c879bb60da7c5e15023de29ebd4f9f%40%3Cjira.kafka.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r6ce2907b2691c025250ba010bc797677ef78d5994d08507a2e5477c9%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r6f256a1d15505f79f4050a69bb8f27b34cb353604dd2f765c9da5df7%40%3Cjira.kafka.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r71031d0acb1de55c9ab32f4750c50ce2f28543252e887ca03bd5621e%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r7189bf41cb0c483629917a01cf296f9fbdbda3987084595192e3845d%40%3Cissues.hbase.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r72bf813ed4737196ea3ed26494e949577be587fd5939fe8be09907c7%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r746434be6abff9ad321ff54ecae09e1f09c1c7c139021f40a5774090%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r769155244ca2da2948a44091bb3bb9a56e7e1c71ecc720b8ecf281f0%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r780c3c210a05c5bf7b4671303f46afc3fe56758e92864e1a5f0590d0%40%3Cjira.kafka.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r7bf7004c18c914fae3d5a6a0191d477e5b6408d95669b3afbf6efa36%40%3Ccommits.zookeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r7c40fb3a66a39b6e6c83b0454bc6917ffe6c69e3131322be9c07a1da%40%3Cissues.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r81748d56923882543f5be456043c67daef84d631cf54899082058ef1%40%3Cjira.kafka.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r83453ec252af729996476e5839d0b28f07294959d60fea1bd76f7d81%40%3Cissues.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r90327f55db8f1d079f9a724aabf1f5eb3c00c1de49dc7fd04cad1ebc%40%3Ccommits.pulsar.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r940f15db77a96f6aea92d830bc94d8d95f26cc593394d144755824da%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r942f4a903d0abb25ac75c592e57df98dea51350e8589269a72fd7913%40%3Cissues.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r9974f64723875052e02787b2a5eda689ac5247c71b827d455e5dc9a6%40%3Cissues.solr.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r9b793db9f395b546e66fb9c44fe1cd75c7755029e944dfee31b8b779%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r9db72e9c33b93eba45a214af588f1d553839b5c3080fc913854a49ab%40%3Cnotifications.zookeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r9fae5a4087d9ed1c9d4f0c7493b6981a4741cfb4bebb2416da638424%40%3Cissues.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/ra210e38ae0bf615084390b26ba01bb5d66c0a76f232277446ae0948a%40%3Cnotifications.zookeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/ra21b3e6bd9669377139fe33fb46edf6fece3f31375bc42a0dcc964b2%40%3Cnotifications.zookeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/ra50519652b0b7f869a14fbfb4be9758a29171d7fe561bb7e036e8449%40%3Cissues.hbase.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/ra9dd15ba8a4fb7e42c7fe948a6d6b3868fd6bbf8e3fb37fcf33b2cd0%40%3Cnotifications.zookeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rae8bbc5a516f3e21b8a55e61ff6ad0ced03bdbd116d2170a3eed9f5c%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/raea6e820644e8c5a577f77d4e2044f8ab52183c2536b00c56738beef%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rb00345f6b1620b553d2cc1acaf3017aa75cea3776b911e024fa3b187%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rb11a13e623218c70b9f2a2d0d122fdaaf905e04a2edcd23761894464%40%3Cnotifications.zookeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rb1624b9777a3070135e94331a428c6653a6a1edccd56fa9fb7a547f2%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rb2d34abb67cdf525945fe4b821c5cdbca29a78d586ae1f9f505a311c%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rb66ed0b4bb74836add60dd5ddf9172016380b2aeefb7f96fe348537b%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rb8f5a6ded384eb00608e6137e87110e7dd7d5054cc34561cb89b81af%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rbab9e67ec97591d063905bc7d4743e6a673f1bc457975fc0445ac97f%40%3Cissues.hbase.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rbba0b02a3287e34af328070dd58f7828612f96e2e64992137f4dc63d%40%3Cnotifications.zookeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rbc075a4ac85e7a8e47420b7383f16ffa0af3b792b8423584735f369f%40%3Cissues.solr.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rbcd7b477df55857bb6cae21fcc4404683ac98aac1a47551f0dc55486%40%3Cissues.zookeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rbd9a837a18ca57ac0d9b4165a6eec95ee132f55d025666fe41099f33%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rc4779abc1cface47e956cf9f8910f15d79c24477e7b1ac9be076a825%40%3Cjira.kafka.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rc4dbc9907b0bdd634200ac90a15283d9c143c11af66e7ec72128d020%40%3Cjira.kafka.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rc6c43c3180c0efe00497c73dd374cd34b62036cb67987ad42c1f2dce%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rc907ed7b089828364437de5ed57fa062330970dc1bc5cd214b711f77%40%3Ccommits.zookeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rcdea97f4d3233298296aabc103c9fcefbf629425418c2b69bb16745f%40%3Ccommits.pulsar.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rd0471252aeb3384c3cfa6d131374646d4641b80dd313e7b476c47a9c%40%3Cissues.solr.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rd24d8a059233167b4a5aebda4b3534ca1d86caa8a85b10a73403ee97%40%3Ccommits.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rd6c1eb9a8a94b3ac8a525d74d792924e8469f201b77e1afcf774e7a6%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rd755dfe5f658c42704540ad7950cebd136739089c3231658e398cf38%40%3Cjira.kafka.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rd7c8fb305a8637480dc943ba08424c8992dccad018cd1405eb2afe0e%40%3Cdev.ignite.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rd9ea411a58925cc82c32e15f541ead23cb25b4b2d57a2bdb0341536e%40%3Cjira.kafka.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rdbf2a2cd1800540ae50dd78b57411229223a6172117d62b8e57596aa%40%3Cissues.hbase.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rdde34d53aa80193cda016272d61e6749f8a9044ccb37a30768938f7e%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rdf4fe435891e8c35e70ea5da033b4c3da78760f15a8c4212fad89d9f%40%3Ccommits.zookeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rdfe5f1c071ba9dadba18d7fb0ff13ea6ecb33da624250c559999eaeb%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/re0545ecced2d468c94ce4dcfa37d40a9573cc68ef5f6839ffca9c1c1%40%3Ccommits.hbase.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/re3a1617d16a7367f767b8209b2151f4c19958196354b39568c532f26%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/re577736ca7da51952c910b345a500b7676ea9931c9b19709b87f292b%40%3Cissues.zookeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/re6614b4fe7dbb945409daadb9e1cc73c02383df68bf9334736107a6e%40%3Cdev.zookeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/ree1895a256a9db951e0d97a76222909c2e1f28c1a3d89933173deed6%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rf1b02dfccd27b8bbc3afd119b212452fa32e9ed7d506be9357a3a7ec%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rf6de4c249bd74007f5f66f683c110535f46e719d2f83a41e8faf295f%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rf99f9a25ca24fe519c9346388f61b5b3a09be31b800bf37f01473ad7%40%3Cnotifications.zookeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rfc9f51b4e21022b3cd6cb6f90791a6a6999560212e519b5f09db0aed%40%3Ccommits.pulsar.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/rfd3ff6e66b6bbcfb2fefa9f5a20328937c0369b2e142e3e1c6774743%40%3Creviews.spark.apache.org%3E", }, { source: "emo@eclipse.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210611-0006/", }, { source: "emo@eclipse.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4949", }, { source: "emo@eclipse.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "emo@eclipse.org", tags: [ "Not Applicable", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "emo@eclipse.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "emo@eclipse.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/04/20/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-26vr-8j45-3r4w", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r002258611ed0c35b82b839d284b43db9dcdec120db8afc1c993137dc%40%3Cnotifications.zookeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r03ca0b69db1e3e5f72fe484b71370d537cd711cbf334e2913332730a%40%3Cissues.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r05db8e0ef01e1280cc7543575ae0fa1c2b4d06a8b928916ef65dd2ad%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r06d54a297cb8217c66e5190912a955fb870ba47da164002bf2baffe5%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r077b76cafb61520c14c87c4fc76419ed664002da0ddac5ad851ae7e7%40%3Cjira.kafka.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r0841b06b48324cfc81325de3c05a92e53f997185f9d71ff47734d961%40%3Cissues.solr.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r0a241b0649beef90d422b42a26a2470d336e59e66970eafd54f9c3e2%40%3Ccommits.zookeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r0a4797ba6ceea8074f47574a4f3cc11493d514c1fab8203ebd212add%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r0bf3aa065abd23960fc8bdc8090d6bc00d5e391cf94ec4e1f4537ae3%40%3Cjira.kafka.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r0cd1a5e3f4ad4770b44f8aa96572fc09d5b35bec149c0cc247579c42%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r0f02034a33076fd7243cf3a8807d2766e373f5cb2e7fd0c9a78f97c4%40%3Cissues.hbase.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r111f1ce28b133a8090ca4f809a1bdf18a777426fc058dc3a16c39c66%40%3Cissues.solr.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r17e26cf9a1e3cbc09522d15ece5d7c7a00cdced7641b92a22a783287%40%3Cissues.zookeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r23785214d47673b811ef119ca3a40f729801865ea1e891572d15faa6%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r2afc72af069a7fe89ca2de847f3ab3971cb1d668a9497c999946cd78%40%3Ccommits.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r2ea2f0541121f17e470a0184843720046c59d4bde6d42bf5ca6fad81%40%3Cissues.solr.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r2f2d9c3b7cc750a6763d6388bcf5db0c7b467bd8be6ac4d6aea4f0cf%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r31f591a0deac927ede8ccc3eac4bb92697ee2361bf01549f9e3440ca%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r33eb3889ca0aa12720355e64fc2f8f1e8c0c28a4d55b3b4b8891becb%40%3Ccommits.zookeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r40136c2010fccf4fb2818a965e5d7ecca470e5f525c232ec5b8eb83a%40%3Cjira.kafka.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r401b1c592f295b811608010a70792b11c91885b72af9f9410cffbe35%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r411d75dc6bcefadaaea246549dd18e8d391a880ddf28a796f09ce152%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r47a7542ab61da865fff3db0fe74bfe76c89a37b6e6d2c2a423f8baee%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r4891d45625cc522fe0eb764ac50d48bcca9c0db4805ea4a998d4c225%40%3Cissues.hbase.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r4a66bfbf62281e31bc1345ebecbfd96f35199eecd77bfe4e903e906f%40%3Cissues.ignite.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r4abbd760d24bab2b8f1294c5c9216ae915100099c4391ad64e9ae38b%40%3Cdev.hbase.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r4b1fef117bccc7f5fd4c45fd2cabc26838df823fe5ca94bc42a4fd46%40%3Cissues.ignite.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r520c56519b8820955a86966f499e7a0afcbcf669d6f7da59ef1eb155%40%3Ccommits.pulsar.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r56e5568ac73daedcb3b5affbb4b908999f03d3c1b1ada3920b01e959%40%3Cdev.zookeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r5b3693da7ecb8a75c0e930b4ca26a5f97aa0207d9dae4aa8cc65fe6b%40%3Cissues.ignite.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r5d1f16dca2e010193840068f1a1ec17b7015e91acc646607cbc0a4da%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r5f172f2dd8fb02f032ef4437218fd4f610605a3dd4f2a024c1e43b94%40%3Cissues.zookeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r64ff94118f6c80e6c085c6e2d51bbb490eaefad0642db8c936e4f0b7%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r6535b2beddf0ed2d263ab64ff365a5f790df135a1a2f45786417adb7%40%3Cdev.kafka.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r65daad30d13f7c56eb5c3d7733ad8dddbf62c469175410777a78d812%40%3Cjira.kafka.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r694e57d74fcaa48818a03c282aecfa13ae68340c798dfcb55cb7acc7%40%3Cdev.kafka.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r6ac9e263129328c0db9940d72b4a6062e703c58918dd34bd22cdf8dd%40%3Cissues.ignite.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r6b070441871a4e6ce8bb63e190c879bb60da7c5e15023de29ebd4f9f%40%3Cjira.kafka.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r6ce2907b2691c025250ba010bc797677ef78d5994d08507a2e5477c9%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r6f256a1d15505f79f4050a69bb8f27b34cb353604dd2f765c9da5df7%40%3Cjira.kafka.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r71031d0acb1de55c9ab32f4750c50ce2f28543252e887ca03bd5621e%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r7189bf41cb0c483629917a01cf296f9fbdbda3987084595192e3845d%40%3Cissues.hbase.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r72bf813ed4737196ea3ed26494e949577be587fd5939fe8be09907c7%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r746434be6abff9ad321ff54ecae09e1f09c1c7c139021f40a5774090%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r769155244ca2da2948a44091bb3bb9a56e7e1c71ecc720b8ecf281f0%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r780c3c210a05c5bf7b4671303f46afc3fe56758e92864e1a5f0590d0%40%3Cjira.kafka.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r7bf7004c18c914fae3d5a6a0191d477e5b6408d95669b3afbf6efa36%40%3Ccommits.zookeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r7c40fb3a66a39b6e6c83b0454bc6917ffe6c69e3131322be9c07a1da%40%3Cissues.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r81748d56923882543f5be456043c67daef84d631cf54899082058ef1%40%3Cjira.kafka.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r83453ec252af729996476e5839d0b28f07294959d60fea1bd76f7d81%40%3Cissues.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r90327f55db8f1d079f9a724aabf1f5eb3c00c1de49dc7fd04cad1ebc%40%3Ccommits.pulsar.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r940f15db77a96f6aea92d830bc94d8d95f26cc593394d144755824da%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r942f4a903d0abb25ac75c592e57df98dea51350e8589269a72fd7913%40%3Cissues.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r9974f64723875052e02787b2a5eda689ac5247c71b827d455e5dc9a6%40%3Cissues.solr.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r9b793db9f395b546e66fb9c44fe1cd75c7755029e944dfee31b8b779%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r9db72e9c33b93eba45a214af588f1d553839b5c3080fc913854a49ab%40%3Cnotifications.zookeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r9fae5a4087d9ed1c9d4f0c7493b6981a4741cfb4bebb2416da638424%40%3Cissues.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/ra210e38ae0bf615084390b26ba01bb5d66c0a76f232277446ae0948a%40%3Cnotifications.zookeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/ra21b3e6bd9669377139fe33fb46edf6fece3f31375bc42a0dcc964b2%40%3Cnotifications.zookeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/ra50519652b0b7f869a14fbfb4be9758a29171d7fe561bb7e036e8449%40%3Cissues.hbase.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/ra9dd15ba8a4fb7e42c7fe948a6d6b3868fd6bbf8e3fb37fcf33b2cd0%40%3Cnotifications.zookeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rae8bbc5a516f3e21b8a55e61ff6ad0ced03bdbd116d2170a3eed9f5c%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/raea6e820644e8c5a577f77d4e2044f8ab52183c2536b00c56738beef%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rb00345f6b1620b553d2cc1acaf3017aa75cea3776b911e024fa3b187%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rb11a13e623218c70b9f2a2d0d122fdaaf905e04a2edcd23761894464%40%3Cnotifications.zookeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rb1624b9777a3070135e94331a428c6653a6a1edccd56fa9fb7a547f2%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rb2d34abb67cdf525945fe4b821c5cdbca29a78d586ae1f9f505a311c%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rb66ed0b4bb74836add60dd5ddf9172016380b2aeefb7f96fe348537b%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rb8f5a6ded384eb00608e6137e87110e7dd7d5054cc34561cb89b81af%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rbab9e67ec97591d063905bc7d4743e6a673f1bc457975fc0445ac97f%40%3Cissues.hbase.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rbba0b02a3287e34af328070dd58f7828612f96e2e64992137f4dc63d%40%3Cnotifications.zookeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rbc075a4ac85e7a8e47420b7383f16ffa0af3b792b8423584735f369f%40%3Cissues.solr.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rbcd7b477df55857bb6cae21fcc4404683ac98aac1a47551f0dc55486%40%3Cissues.zookeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rbd9a837a18ca57ac0d9b4165a6eec95ee132f55d025666fe41099f33%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rc4779abc1cface47e956cf9f8910f15d79c24477e7b1ac9be076a825%40%3Cjira.kafka.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rc4dbc9907b0bdd634200ac90a15283d9c143c11af66e7ec72128d020%40%3Cjira.kafka.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rc6c43c3180c0efe00497c73dd374cd34b62036cb67987ad42c1f2dce%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rc907ed7b089828364437de5ed57fa062330970dc1bc5cd214b711f77%40%3Ccommits.zookeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rcdea97f4d3233298296aabc103c9fcefbf629425418c2b69bb16745f%40%3Ccommits.pulsar.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rd0471252aeb3384c3cfa6d131374646d4641b80dd313e7b476c47a9c%40%3Cissues.solr.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rd24d8a059233167b4a5aebda4b3534ca1d86caa8a85b10a73403ee97%40%3Ccommits.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rd6c1eb9a8a94b3ac8a525d74d792924e8469f201b77e1afcf774e7a6%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rd755dfe5f658c42704540ad7950cebd136739089c3231658e398cf38%40%3Cjira.kafka.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rd7c8fb305a8637480dc943ba08424c8992dccad018cd1405eb2afe0e%40%3Cdev.ignite.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rd9ea411a58925cc82c32e15f541ead23cb25b4b2d57a2bdb0341536e%40%3Cjira.kafka.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rdbf2a2cd1800540ae50dd78b57411229223a6172117d62b8e57596aa%40%3Cissues.hbase.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rdde34d53aa80193cda016272d61e6749f8a9044ccb37a30768938f7e%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rdf4fe435891e8c35e70ea5da033b4c3da78760f15a8c4212fad89d9f%40%3Ccommits.zookeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rdfe5f1c071ba9dadba18d7fb0ff13ea6ecb33da624250c559999eaeb%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/re0545ecced2d468c94ce4dcfa37d40a9573cc68ef5f6839ffca9c1c1%40%3Ccommits.hbase.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/re3a1617d16a7367f767b8209b2151f4c19958196354b39568c532f26%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/re577736ca7da51952c910b345a500b7676ea9931c9b19709b87f292b%40%3Cissues.zookeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/re6614b4fe7dbb945409daadb9e1cc73c02383df68bf9334736107a6e%40%3Cdev.zookeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/ree1895a256a9db951e0d97a76222909c2e1f28c1a3d89933173deed6%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rf1b02dfccd27b8bbc3afd119b212452fa32e9ed7d506be9357a3a7ec%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rf6de4c249bd74007f5f66f683c110535f46e719d2f83a41e8faf295f%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rf99f9a25ca24fe519c9346388f61b5b3a09be31b800bf37f01473ad7%40%3Cnotifications.zookeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rfc9f51b4e21022b3cd6cb6f90791a6a6999560212e519b5f09db0aed%40%3Ccommits.pulsar.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rfd3ff6e66b6bbcfb2fefa9f5a20328937c0369b2e142e3e1c6774743%40%3Creviews.spark.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210611-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4949", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, ], sourceIdentifier: "emo@eclipse.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, { lang: "en", value: "CWE-551", }, ], source: "emo@eclipse.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-11-07 08:15
Modified
2025-02-11 16:15
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. Older, unsupported versions may also be affected.
Users are recommended to upgrade to version 11.0.0-M21, 10.1.25, or 9.0.90, which fixes the issue.
Apache Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
apache | tomcat | * | |
apache | tomcat | * | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 10.1.0 | |
apache | tomcat | 11.0.0 | |
apache | tomcat | 11.0.0 | |
apache | tomcat | 11.0.0 | |
apache | tomcat | 11.0.0 | |
apache | tomcat | 11.0.0 | |
apache | tomcat | 11.0.0 | |
apache | tomcat | 11.0.0 | |
apache | tomcat | 11.0.0 | |
apache | tomcat | 11.0.0 | |
apache | tomcat | 11.0.0 | |
apache | tomcat | 11.0.0 | |
apache | tomcat | 11.0.0 | |
apache | tomcat | 11.0.0 | |
apache | tomcat | 11.0.0 | |
apache | tomcat | 11.0.0 | |
apache | tomcat | 11.0.0 | |
apache | tomcat | 11.0.0 | |
apache | tomcat | 11.0.0 | |
apache | tomcat | 11.0.0 | |
apache | tomcat | 11.0.0 | |
netapp | ontap_tools | 9 | |
netapp | ontap_tools | 10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", matchCriteriaId: "C1F40EB4-1D56-45C7-B083-B1613E63B26C", versionEndExcluding: "9.0.90", versionStartIncluding: "9.0.13", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", matchCriteriaId: "6F8D202A-1A79-47E5-81AD-A3C4BBB135EB", versionEndExcluding: "10.1.25", versionStartIncluding: "10.1.1", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone1:*:*:*:*:*:*", matchCriteriaId: "6D402B5D-5901-43EB-8E6A-ECBD512CE367", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone10:*:*:*:*:*:*", matchCriteriaId: "33C71AE1-B38E-4783-BAC2-3CDA7B4D9EBA", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone11:*:*:*:*:*:*", matchCriteriaId: "F6BD4180-D3E8-42AB-96B1-3869ECF47F6C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone12:*:*:*:*:*:*", matchCriteriaId: "64668CCF-DBC9-442D-9E0F-FD40E1D0DDB7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone13:*:*:*:*:*:*", matchCriteriaId: "FC64BB57-4912-481E-AE8D-C8FCD36142BB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone14:*:*:*:*:*:*", matchCriteriaId: "49B43BFD-6B6C-4E6D-A9D8-308709DDFB44", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone15:*:*:*:*:*:*", matchCriteriaId: "919C16BD-79A7-4597-8D23-2CBDED2EF615", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone16:*:*:*:*:*:*", matchCriteriaId: "81B27C03-D626-42EC-AE4E-1E66624908E3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone17:*:*:*:*:*:*", matchCriteriaId: "BD81405D-81A5-4683-A355-B39C912DAD2D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone18:*:*:*:*:*:*", matchCriteriaId: "2DCE3576-86BC-4BB8-A5FB-1274744DFD7F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone19:*:*:*:*:*:*", matchCriteriaId: "5571F54A-2EAC-41B6-BDA9-7D33CFE97F70", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone2:*:*:*:*:*:*", matchCriteriaId: "9846609D-51FC-4CDD-97B3-8C6E07108F14", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone20:*:*:*:*:*:*", matchCriteriaId: "ED30E850-C475-4133-BDE3-74CB3768D787", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone3:*:*:*:*:*:*", matchCriteriaId: "2E321FB4-0B0C-497A-BB75-909D888C93CB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone4:*:*:*:*:*:*", matchCriteriaId: "3B0CAE57-AF7A-40E6-9519-F5C9F422C1BE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone5:*:*:*:*:*:*", matchCriteriaId: "7CB9D150-EED6-4AE9-BCBE-48932E50035E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone6:*:*:*:*:*:*", matchCriteriaId: "D334103F-F64E-4869-BCC8-670A5AFCC76C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone7:*:*:*:*:*:*", matchCriteriaId: "941FCF7B-FFB6-4967-95C7-BB3D32C73DAF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone8:*:*:*:*:*:*", matchCriteriaId: "CE1A9030-B397-4BA6-8E13-DA1503872DDB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:10.1.0:milestone9:*:*:*:*:*:*", matchCriteriaId: "6284B74A-1051-40A7-9D74-380FEEEC3F88", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*", matchCriteriaId: "D1AA7FF6-E8E7-4BF6-983E-0A99B0183008", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*", matchCriteriaId: "57088BDD-A136-45EF-A8A1-2EBF79CEC2CE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*", matchCriteriaId: "B32D1D7A-A04F-444E-8F45-BB9A9E4B0199", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone12:*:*:*:*:*:*", matchCriteriaId: "0092FB35-3B00-484F-A24D-7828396A4FF6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone13:*:*:*:*:*:*", matchCriteriaId: "CB557E88-FA9D-4B69-AA6F-EAEE7F9B01AC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone14:*:*:*:*:*:*", matchCriteriaId: "72D3C6F1-84FA-4F82-96C1-9A8DA1C1F30F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone15:*:*:*:*:*:*", matchCriteriaId: "3521C81B-37D9-48FC-9540-D0D333B9A4A4", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone16:*:*:*:*:*:*", matchCriteriaId: "02A84634-A8F2-4BA9-B9F3-BEF36AEC5480", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone17:*:*:*:*:*:*", matchCriteriaId: "ECBBC1F1-C86B-40AF-B740-A99F6B27682A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone18:*:*:*:*:*:*", matchCriteriaId: "9D2206B2-F3FF-43F2-B3E2-3CAAC64C691D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone19:*:*:*:*:*:*", matchCriteriaId: "0495A538-4102-40D0-A35C-0179CFD52A9D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*", matchCriteriaId: "2AAD52CE-94F5-4F98-A027-9A7E68818CB6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone20:*:*:*:*:*:*", matchCriteriaId: "77BA6600-0890-4BA1-B447-EC1746BAB4FD", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*", matchCriteriaId: "F1F981F5-035A-4EDD-8A9F-481EE8BC7FF7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*", matchCriteriaId: "03A171AF-2EC8-4422-912C-547CDB58CAAA", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*", matchCriteriaId: "538E68C4-0BA4-495F-AEF8-4EF6EE7963CF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*", matchCriteriaId: "49350A6E-5E1D-45B2-A874-3B8601B3ADCC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*", matchCriteriaId: "5F50942F-DF54-46C0-8371-9A476DD3EEA3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*", matchCriteriaId: "D12C2C95-B79F-4AA4-8CE3-99A3EE7991AB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*", matchCriteriaId: "98792138-DD56-42DF-9612-3BDC65EEC117", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "C2D814BE-93EC-42EF-88C5-EA7E7DF07BE5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_tools:10:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "5333B745-F7A3-46CB-8437-8668DB08CD6F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. Older, unsupported versions may also be affected.\n\n\nUsers are recommended to upgrade to version 11.0.0-M21, 10.1.25, or 9.0.90, which fixes the issue.\n\n\n\nApache Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process.", }, { lang: "es", value: "Vulnerabilidad de asignación de recursos sin límites o limitación de recursos en Apache Tomcat. Este problema afecta a Apache Tomcat: desde la versión 11.0.0-M1 hasta la 11.0.0-M20, desde la versión 10.1.0-M1 hasta la 10.1.24, desde la versión 9.0.13 hasta la 9.0.89. También pueden verse afectadas versiones anteriores no compatibles. Se recomienda a los usuarios que actualicen a la versión 11.0.0-M21, 10.1.25 o 9.0.90, que soluciona el problema. Apache Tomcat, en determinadas configuraciones de cualquier plataforma, permite a un atacante provocar un error OutOfMemoryError abusando del proceso de enlace TLS.", }, ], id: "CVE-2024-38286", lastModified: "2025-02-11T16:15:56.757", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "security@apache.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-11-07T08:15:13.007", references: [ { source: "security@apache.org", tags: [ "Mailing List", ], url: "https://lists.apache.org/thread/wms60cvbsz3fpbz9psxtfx8r41jl6d4s", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2024/09/23/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20241101-0010/", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-770", }, ], source: "security@apache.org", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-07-01 13:15
Modified
2024-11-21 09:49
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*", matchCriteriaId: "1102FFF5-77B1-400E-93F8-AC6CFE2CC93C", versionEndExcluding: "4.4", vulnerable: true, }, { criteria: "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*", matchCriteriaId: "EC13B91D-82A4-48B1-83AB-EC129C83D316", versionEndExcluding: "9.8", versionStartIncluding: "8.6", vulnerable: true, }, { criteria: "cpe:2.3:a:openbsd:openssh:4.4:-:*:*:*:*:*:*", matchCriteriaId: "4C37CBBB-A4AA-40D0-9609-0620FDC12BA8", vulnerable: true, }, { criteria: "cpe:2.3:a:openbsd:openssh:8.5:p1:*:*:*:*:*:*", matchCriteriaId: "7945F60B-460E-4CA6-9EB4-BEE663386D50", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*", matchCriteriaId: "932D137F-528B-4526-9A89-CD59FA1AB0FE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "7F6FB57C-2BC7-487C-96DD-132683AEB35D", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*", matchCriteriaId: "B03506D7-0FCD-47B7-90F6-DDEEB5C5A733", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*", matchCriteriaId: "2F7DAD7C-9369-4A87-A1D0-4208D3AF0CDC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*", matchCriteriaId: "01363FFA-F7A6-43FC-8D47-E67F95410095", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*", matchCriteriaId: "FB056B47-1F45-4CE4-81F6-872F66C24C29", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*", matchCriteriaId: "F843B777-5C64-4CAE-80D6-89DC2C9515B1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "FC3CBA5D-9E5D-4C46-B37E-7BB35BE8DADB", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*", matchCriteriaId: "39D345D3-108A-4551-A112-5EE51991411A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:suse:linux_enterprise_micro:6.0:*:*:*:*:*:*:*", matchCriteriaId: "09F471C6-69AF-4E78-8143-17E783C80B9F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", matchCriteriaId: "46D69DCC-AE4D-4EA5-861C-D60951444C6C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*", matchCriteriaId: "359012F1-2C63-415A-88B8-6726A87830DE", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:22.10:*:*:*:-:*:*:*", matchCriteriaId: "47842532-D2B6-44CB-ADE2-4AC8630A4D8C", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:lts:*:*:*", matchCriteriaId: "21538C5B-A130-411E-B5F7-BBBA4C9D488A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:amazon:linux_2023:-:*:*:*:*:*:*:*", matchCriteriaId: "5D4BE4FC-249C-4B58-9513-BF482444CB64", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "8C5DA53D-744B-4087-AEA9-257F18949E4D", versionEndIncluding: "11.70.2", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "C2D814BE-93EC-42EF-88C5-EA7E7DF07BE5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:freebsd:freebsd:13.2:-:*:*:*:*:*:*", matchCriteriaId: "A87EFA20-DD6B-41C5-98FD-A29F67D2E732", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:13.2:p1:*:*:*:*:*:*", matchCriteriaId: "2888B0C1-4D85-42EC-9696-03FAD0A9C28F", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:13.2:p10:*:*:*:*:*:*", matchCriteriaId: "556F4943-7BA4-4E09-94B3-4515DC3C7807", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:13.2:p11:*:*:*:*:*:*", matchCriteriaId: "6AFEC561-D79B-498B-B59D-1D82B21BDF1A", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:13.2:p2:*:*:*:*:*:*", matchCriteriaId: "A3306F11-D3C0-41D6-BB5E-2ABDC3927715", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:13.2:p3:*:*:*:*:*:*", matchCriteriaId: "9E584FE1-3A34-492B-B10F-508DA7CBA768", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:13.2:p4:*:*:*:*:*:*", matchCriteriaId: "A5605E90-D125-4CC9-8B9F-F5EED9D4EE0C", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:13.2:p5:*:*:*:*:*:*", matchCriteriaId: "761B4382-E857-4868-9F80-189B7F60256B", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:13.2:p6:*:*:*:*:*:*", matchCriteriaId: "51B17801-15FD-4425-BA6C-BE06B14F1BFE", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:13.2:p7:*:*:*:*:*:*", matchCriteriaId: "E9CAFF74-AD36-4D29-83F3-23E0417C485D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:13.2:p8:*:*:*:*:*:*", matchCriteriaId: "1B2D2A82-BFFE-45FE-9F79-4AF12C6DE69D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:13.2:p9:*:*:*:*:*:*", matchCriteriaId: "E7A81663-047E-4328-BE3A-CF65AB55B29F", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:13.3:-:*:*:*:*:*:*", matchCriteriaId: "17DAE911-21E1-4182-85A0-B9F0059DDA7F", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:13.3:p1:*:*:*:*:*:*", matchCriteriaId: "ABEA48EC-24EA-4106-9465-CE66B938635F", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:13.3:p2:*:*:*:*:*:*", matchCriteriaId: "8DFB5BD0-E777-4CAA-B2E0-3F3357D06D01", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:13.3:p3:*:*:*:*:*:*", matchCriteriaId: "BC8C769C-A23E-4F61-AC42-4DA64421B096", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:14.0:-:*:*:*:*:*:*", matchCriteriaId: "FA25530A-133C-4D7C-8993-D5C42D79A0B5", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:14.0:beta5:*:*:*:*:*:*", matchCriteriaId: "DB7B021E-F4AD-44AC-96AB-8ACAF8AB1B88", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:14.0:p1:*:*:*:*:*:*", matchCriteriaId: "69A72B5A-2189-4700-8E8B-1E5E7CA86C40", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:14.0:p2:*:*:*:*:*:*", matchCriteriaId: "5771F187-281B-4680-B562-EFC7441A8F88", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:14.0:p3:*:*:*:*:*:*", matchCriteriaId: "0A4437F5-9DDA-4769-974E-23BFA085E0DB", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:14.0:p4:*:*:*:*:*:*", matchCriteriaId: "A9C3A3D4-C9F4-41EB-B532-821AF83470B1", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:14.0:p5:*:*:*:*:*:*", matchCriteriaId: "878A1F0A-087F-47D7-9CA5-A54BB8D6676A", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:14.0:p6:*:*:*:*:*:*", matchCriteriaId: "CE73CDC3-B5A7-4921-89C6-8F9DC426CB3E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:14.0:p7:*:*:*:*:*:*", matchCriteriaId: "50A5E650-31FB-45BE-8827-641B58A83E45", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:14.0:rc3:*:*:*:*:*:*", matchCriteriaId: "038E5B85-7F60-4D71-8D3F-EDBF6E036CE0", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1:*:*:*:*:*:*", matchCriteriaId: "BF309824-D379-4749-A1FA-BCB2987DD671", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:14.1:-:*:*:*:*:*:*", matchCriteriaId: "79D770C6-7A57-4A49-8164-C55391F62301", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:14.1:p1:*:*:*:*:*:*", matchCriteriaId: "AA813990-8C8F-4EE8-9F2B-9F73C510A7B2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*", matchCriteriaId: "A6A2EBE8-012E-470E-9E56-56ACBE345F78", versionEndIncluding: "10.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.", }, { lang: "es", value: "Se encontró una condición de ejecución del controlador de señales en el servidor de OpenSSH (sshd), donde un cliente no se autentica dentro de los segundos de LoginGraceTime (120 de forma predeterminada, 600 en versiones anteriores de OpenSSH), luego se llama al controlador SIGALRM de sshd de forma asincrónica. Sin embargo, este controlador de señales llama a varias funciones que no son seguras para señales asíncronas, por ejemplo, syslog().", }, ], id: "CVE-2024-6387", lastModified: "2024-11-21T09:49:33.050", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-07-01T13:15:06.467", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2024:4312", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2024:4340", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2024:4389", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2024:4469", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2024:4474", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2024:4479", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2024:4484", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2024-6387", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294604", }, { source: "secalert@redhat.com", url: "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html", }, { source: "secalert@redhat.com", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://www.openssh.com/txt/release-9.8", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/fulldisclosure/2024/Jul/18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/fulldisclosure/2024/Jul/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/fulldisclosure/2024/Jul/20", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/01/12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/01/13", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/02/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/03/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/03/11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/03/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/03/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/03/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/03/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/04/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/04/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/08/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/08/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/09/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/09/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/10/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/10/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/10/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/10/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/10/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/11/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/11/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/23/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/23/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/28/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/28/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2024:4312", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2024:4340", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2024:4389", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2024:4469", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2024:4474", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2024:4479", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2024:4484", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2024-6387", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294604", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://explore.alas.aws.amazon.com/CVE-2024-6387.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://forum.vmssoftware.com/viewtopic.php?f=8&t=9132", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/AlmaLinux/updates/issues/629", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/Azure/AKS/issues/4379", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/PowerShell/Win32-OpenSSH/discussions/2248", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/PowerShell/Win32-OpenSSH/issues/2249", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/microsoft/azurelinux/issues/9555", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/oracle/oracle-linux/issues/149", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/rapier1/hpn-ssh/issues/87", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/zgzhang/cve-2024-6387-poc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://news.ycombinator.com/item?id=40843778", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security-tracker.debian.org/tracker/CVE-2024-6387", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20240701-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://sig-security.rocky.page/issues/CVE-2024-6387/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/kb/HT214118", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/kb/HT214119", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/kb/HT214120", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://ubuntu.com/security/CVE-2024-6387", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://ubuntu.com/security/notices/USN-6859-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://www.openssh.com/txt/release-9.8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.suse.com/security/cve/CVE-2024-6387.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.theregister.com/2024/07/01/regresshion_openssh/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-364", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-362", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-15 20:15
Modified
2024-11-21 08:46
Severity ?
6.8 (Medium) - CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
linux | linux_kernel | * | |
linux | linux_kernel | 6.7 | |
linux | linux_kernel | 6.7 | |
linux | linux_kernel | 6.7 | |
linux | linux_kernel | 6.7 | |
linux | linux_kernel | 6.7 | |
netapp | ontap_tools | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "AFE668C1-15AF-4C7B-8071-8E46711B501B", versionEndExcluding: "6.7", versionStartIncluding: "6.1.36", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*", matchCriteriaId: "3A0038DE-E183-4958-A6E3-CE3821FEAFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:6.7:rc2:*:*:*:*:*:*", matchCriteriaId: "E31AD4FC-436C-44AB-BCAB-3A0B37F69EE0", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:6.7:rc3:*:*:*:*:*:*", matchCriteriaId: "C56C6E04-4F04-44A3-8DB8-93899903CFCF", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:6.7:rc4:*:*:*:*:*:*", matchCriteriaId: "5C78EDA4-8BE6-42FC-9512-49032D525A55", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:6.7:rc5:*:*:*:*:*:*", matchCriteriaId: "32F2E5CA-13C6-4601-B530-D465CBF73D1C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:ontap_tools:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "CBCC384C-5DF0-41AB-B17B-6E9B6CAE8065", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.", }, { lang: "es", value: "Se encontró un fallo de lectura de memoria fuera de los límites en receive_encrypted_standard en fs/smb/client/smb2ops.c en el subcomponente SMB Client en el kernel de Linux. Este problema se produce debido a un desbordamiento insuficiente de enteros en la longitud de memcpy, lo que provoca una denegación de servicio.", }, ], id: "CVE-2024-0565", lastModified: "2024-11-21T08:46:53.230", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-15T20:15:43.630", references: [ { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2024:1188", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2024:1404", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2024:1532", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2024:1533", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2024:1607", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2024:1614", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2024:2093", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2024:2394", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2024-0565", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2258518", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Patch", ], url: "https://www.spinics.net/lists/stable-commits/msg328851.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2024:1188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2024:1404", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2024:1532", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2024:1533", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2024:1607", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2024:1614", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2024:2093", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2024:2394", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2024-0565", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2258518", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20240223-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", ], url: "https://www.spinics.net/lists/stable-commits/msg328851.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-191", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-191", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-08-07 19:15
Modified
2024-11-21 08:09
Severity ?
Summary
lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mit | kerberos_5 | * | |
mit | kerberos_5 | 1.21 | |
mit | kerberos_5 | 1.21 | |
debian | debian_linux | 10.0 | |
netapp | active_iq_unified_manager | - | |
netapp | clustered_data_ontap | 9.0 | |
netapp | hci | - | |
netapp | management_services_for_element_software | - | |
netapp | ontap_tools | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", matchCriteriaId: "8F862235-F5E3-46F0-8907-5521B79DD14D", versionEndExcluding: "1.20.2", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.21:-:*:*:*:*:*:*", matchCriteriaId: "77FA11D6-3074-412F-9008-A4F690C79133", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.21:beta1:*:*:*:*:*:*", matchCriteriaId: "5096413B-6BEE-424A-A198-C01934E45000", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:clustered_data_ontap:9.0:-:*:*:*:*:*:*", matchCriteriaId: "52DE3DFE-350F-4E83-B425-1D7D47BEF6DA", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:*", matchCriteriaId: "8A6E548F-62E9-40CB-85DA-FDAA0F0096C6", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "86B51137-28D9-41F2-AFA2-3CC22B4954D1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_tools:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "CBCC384C-5DF0-41AB-B17B-6E9B6CAE8065", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", }, ], id: "CVE-2023-36054", lastModified: "2024-11-21T08:09:15.227", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-08-07T19:15:09.840", references: [ { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20230908-0004/", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "https://web.mit.edu/kerberos/www/advisories/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20230908-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://web.mit.edu/kerberos/www/advisories/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-824", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }