Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    1542 vulnerabilities by NETGEAR

    JVNDB-2026-000018

    Vulnerability from jvndb - Published: 2026-01-30 14:23 - Updated:2026-01-30 14:23
    Severity
    Summary
    Undocumented "TelnetEnable" functionality of End of Service NETGEAR products
    Details
    Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box.
    • Inclusion of Undocumented Features or Chicken Bits (CWE-1242) - CVE-2026-24714
    Misato Ito, Daichi Uezono, Ryu Kuki, Iwaki Miyamoto, Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University reported the issue on NETGEAR PR2000 to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-000018.html",
      "dc:date": "2026-01-30T14:23+09:00",
      "dcterms:issued": "2026-01-30T14:23+09:00",
      "dcterms:modified": "2026-01-30T14:23+09:00",
      "description": "Some end of service NETGEAR products provide \"TelnetEnable\" functionality, which allows a magic packet to activate telnet service on the box.\u003cul\u003e\u003cli\u003eInclusion of Undocumented Features or Chicken Bits (CWE-1242) - CVE-2026-24714\u003c/li\u003e\u003c/ul\u003eMisato Ito, Daichi Uezono, Ryu Kuki, Iwaki Miyamoto, Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University reported the issue on NETGEAR PR2000 to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-000018.html",
      "sec:cpe": {
        "#text": "cpe:/o:netgear:pr2000_firmware",
        "@product": "PR2000 firmware",
        "@vendor": "NETGEAR",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "7.5",
        "@severity": "High",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2026-000018",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN46722282/index.html",
          "@id": "JVN#46722282",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2026-24714",
          "@id": "CVE-2026-24714",
          "@source": "CVE"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Undocumented \"TelnetEnable\" functionality of End of Service NETGEAR products"
    }

    CVE-2026-24714 (GCVE-0-2026-24714)

    Vulnerability from nvd – Published: 2026-01-30 03:53 – Updated: 2026-01-30 17:59 Unsupported When Assigned
    VLAI
    Summary
    Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1242 - Inclusion of undocumented features or chicken bits
    Assigner
    Impacted products
    Vendor Product Version
    NETGEAR NETGEAR products Affected: versions which provide "TelnetEnable" functionality
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24714",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-30T17:59:24.138913Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-30T17:59:45.410Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "NETGEAR products",
              "vendor": "NETGEAR",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions which provide \"TelnetEnable\" functionality"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Some end of service NETGEAR products provide \"TelnetEnable\" functionality, which allows a magic packet to activate telnet service on the box."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1242",
                  "description": "Inclusion of undocumented features or chicken bits",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-30T03:53:30.144Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.netgear.com/about/eos/"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN46722282/"
            }
          ],
          "tags": [
            "unsupported-when-assigned"
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2026-24714",
        "datePublished": "2026-01-30T03:53:30.144Z",
        "dateReserved": "2026-01-26T05:24:46.172Z",
        "dateUpdated": "2026-01-30T17:59:45.410Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2013-10063 (GCVE-0-2013-10063)

    Vulnerability from nvd – Published: 2025-08-01 20:46 – Updated: 2026-05-15 11:14 Unsupported When Assigned
    VLAI
    Title
    Netgear SPH200D <= 1.0.4.80 Path Traversal via HTTP GET
    Summary
    A path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions <= 1.0.4.80 in its embedded web server. Authenticated attackers can exploit crafted GET requests to access arbitrary files outside the web root by injecting traversal sequences. This can expose sensitive system files and configuration data.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    Netgear SPH200D Affected: 0 , ≤ 1.0.4.80 (custom)
    Create a notification for this product.
    Date Public
    2013-01-31 00:00
    Credits
    Michael Messner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2013-10063",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-06T14:38:41.804173Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-06T14:38:45.793Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://web.archive.org/web/20130207034706/http://www.s3cur1ty.de/m1adv2013-002"
              },
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://www.exploit-db.com/exploits/24441"
              },
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/scanner/http/netgear_sph200d_traversal.rb"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Any GET-accessible path"
              ],
              "product": "SPH200D",
              "vendor": "Netgear",
              "versions": [
                {
                  "lessThanOrEqual": "1.0.4.80",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:netgear:sph200d:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.0.4.80",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Michael Messner"
            }
          ],
          "datePublic": "2013-01-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eA path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions \u0026lt;= 1.0.4.80 in its embedded web server. Authenticated attackers can exploit crafted GET requests to access arbitrary files outside the web root by injecting traversal sequences.\u0026nbsp;This can expose sensitive system files and configuration data.\u003c/p\u003e"
                }
              ],
              "value": "A path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions \u003c= 1.0.4.80 in its embedded web server. Authenticated attackers can exploit crafted GET requests to access arbitrary files outside the web root by injecting traversal sequences.\u00a0This can expose sensitive system files and configuration data."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-126",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-126 Path Traversal"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T11:14:18.461Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "exploit"
              ],
              "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/scanner/http/netgear_sph200d_traversal.rb"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/24441"
            },
            {
              "tags": [
                "technical-description",
                "exploit"
              ],
              "url": "https://web.archive.org/web/20130207034706/http://www.s3cur1ty.de/m1adv2013-002"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/netgear-sph200d-path-traversal-via-http-get"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "tags": [
            "unsupported-when-assigned"
          ],
          "title": "Netgear SPH200D \u003c= 1.0.4.80 Path Traversal via HTTP GET",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2013-10063",
        "datePublished": "2025-08-01T20:46:21.225Z",
        "dateReserved": "2025-08-01T18:54:27.633Z",
        "dateUpdated": "2026-05-15T11:14:18.461Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2013-10060 (GCVE-0-2013-10060)

    Vulnerability from nvd – Published: 2025-08-01 20:45 – Updated: 2026-05-15 11:14 Unsupported When Assigned
    VLAI
    Title
    Netgear Routers pppoe.cgi RCE
    Summary
    An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoe_username parameter. This flaw allows full compromise of the device and may persist across reboots unless configuration is restored.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Netgear DGN2200B Affected: 0 , ≤ 1.0.0.36 (custom)
    Create a notification for this product.
    Date Public
    2013-02-18 00:00
    Credits
    Michael Messner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2013-10060",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-06T14:22:06.129053Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-06T14:22:09.688Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/netgear_dgn2200b_pppoe_exec.rb"
              },
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://www.exploit-db.com/exploits/24513"
              },
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://www.exploit-db.com/exploits/24974"
              },
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://web.archive.org/web/20170422033239/http://www.s3cur1ty.de/m1adv2013-015"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Web interface (pppoe.cgi)"
              ],
              "product": "DGN2200B",
              "vendor": "Netgear",
              "versions": [
                {
                  "lessThanOrEqual": "1.0.0.36",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:netgear:dgn2200b_firmware:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.0.0.36",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Michael Messner"
            }
          ],
          "datePublic": "2013-02-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn authenticated OS command injection vulnerability exists in\u0026nbsp;\u003c/span\u003eNetgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoe_username parameter. This flaw allows full compromise of the device and may persist across reboots unless configuration is restored."
                }
              ],
              "value": "An authenticated OS command injection vulnerability exists in\u00a0Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoe_username parameter. This flaw allows full compromise of the device and may persist across reboots unless configuration is restored."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.4,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T11:14:17.701Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "exploit"
              ],
              "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/netgear_dgn2200b_pppoe_exec.rb"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/24513"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/24974"
            },
            {
              "tags": [
                "technical-description",
                "exploit"
              ],
              "url": "https://web.archive.org/web/20170422033239/http://www.s3cur1ty.de/m1adv2013-015"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/netgear-legacy-routers-rce"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "tags": [
            "unsupported-when-assigned"
          ],
          "title": "Netgear Routers pppoe.cgi RCE",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2013-10060",
        "datePublished": "2025-08-01T20:45:59.280Z",
        "dateReserved": "2025-08-01T17:22:29.909Z",
        "dateUpdated": "2026-05-15T11:14:17.701Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2013-10061 (GCVE-0-2013-10061)

    Vulnerability from nvd – Published: 2025-08-01 20:45 – Updated: 2026-04-07 14:03
    VLAI
    Title
    Netgear Routers setup.cgi RCE
    Summary
    An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN1000B model firmware versions 1.1.00.24 and 1.1.00.45) via the TimeToLive parameter in the setup.cgi endpoint. The vulnerability arises from improper input neutralization, enabling command injection through crafted POST requests. This flaw enables remote attackers to deploy payloads or manipulate system state post-authentication.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Netgear DGN1000B Affected: 1.1.00.24
    Affected: 1.1.00.45
    Create a notification for this product.
    Date Public
    2013-02-07 00:00
    Credits
    Michael Messner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2013-10061",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-06T14:15:59.267461Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-06T14:16:02.991Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/netgear_dgn1000b_setup_exec.rb"
              },
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://www.exploit-db.com/exploits/24464"
              },
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://www.exploit-db.com/exploits/24931"
              },
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://web.archive.org/web/20150218074318/http://www.s3cur1ty.de/m1adv2013-005"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "setup.cgi"
              ],
              "product": "DGN1000B",
              "vendor": "Netgear",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.1.00.24"
                },
                {
                  "status": "affected",
                  "version": "1.1.00.45"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:netgear:dgn1000v3_firmware:1.0.0.25:*:*:*:*:*:*:*",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:netgear:dgn1000v3_firmware:1.0.0.45:*:*:*:*:*:*:*",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Michael Messner"
            }
          ],
          "datePublic": "2013-02-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN1000B model firmware versions 1.1.00.24 and 1.1.00.45) via the TimeToLive parameter in the setup.cgi endpoint. The vulnerability arises from improper input neutralization, enabling command injection through crafted POST requests. This flaw enables remote attackers to deploy payloads or manipulate system state post-authentication."
                }
              ],
              "value": "An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN1000B model firmware versions 1.1.00.24 and 1.1.00.45) via the TimeToLive parameter in the setup.cgi endpoint. The vulnerability arises from improper input neutralization, enabling command injection through crafted POST requests. This flaw enables remote attackers to deploy payloads or manipulate system state post-authentication."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:03:14.806Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "exploit"
              ],
              "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/netgear_dgn1000b_setup_exec.rb"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/24464"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/24931"
            },
            {
              "tags": [
                "technical-description",
                "exploit"
              ],
              "url": "https://web.archive.org/web/20150218074318/http://www.s3cur1ty.de/m1adv2013-005"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/netgear-legacy-routers-rce-2"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Netgear Routers setup.cgi RCE",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2013-10061",
        "datePublished": "2025-08-01T20:45:34.559Z",
        "dateReserved": "2025-08-01T18:31:18.857Z",
        "dateUpdated": "2026-04-07T14:03:14.806Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-6565 (GCVE-0-2025-6565)

    Vulnerability from nvd – Published: 2025-06-24 13:00 – Updated: 2025-06-25 12:41
    VLAI
    Title
    Netgear WNCE3001 HTTP POST Request http_d stack-based overflow
    Summary
    A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been classified as critical. This affects the function http_d of the component HTTP POST Request Handler. The manipulation of the argument Host leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Netgear WNCE3001 Affected: 1.0.0.50
    Create a notification for this product.
    Credits
    xiaobor123 (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-6565",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-24T15:36:46.136796Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-25T12:41:43.852Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "HTTP POST Request Handler"
              ],
              "product": "WNCE3001",
              "vendor": "Netgear",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0.50"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "xiaobor123 (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been classified as critical. This affects the function http_d of the component HTTP POST Request Handler. The manipulation of the argument Host leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "Es wurde eine Schwachstelle in Netgear WNCE3001 1.0.0.50 ausgemacht. Sie wurde als kritisch eingestuft. Es geht dabei um die Funktion http_d der Komponente HTTP POST Request Handler. Mittels Manipulieren des Arguments Host mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 9,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "Memory Corruption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T13:00:12.914Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-313737 | Netgear WNCE3001 HTTP POST Request http_d stack-based overflow",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.313737"
            },
            {
              "name": "VDB-313737 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.313737"
            },
            {
              "name": "Submit #590030 | Netgear WNCE3001 1.0.0.50 Stack-based buffer overflow",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.590030"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/xiaobor123/vul-finds/tree/main/vul-find-wnce3001-netgear"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/xiaobor123/vul-finds/tree/main/vul-find-wnce3001-netgear#poc"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.netgear.com/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-24T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-06-24T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-06-24T10:04:40.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Netgear WNCE3001 HTTP POST Request http_d stack-based overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-6565",
        "datePublished": "2025-06-24T13:00:12.914Z",
        "dateReserved": "2025-06-24T07:59:36.976Z",
        "dateUpdated": "2025-06-25T12:41:43.852Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-25246 (GCVE-0-2025-25246)

    Vulnerability from nvd – Published: 2025-02-05 00:00 – Updated: 2025-02-12 20:51
    VLAI
    Summary
    NETGEAR XR1000 before 1.0.0.74, XR1000v2 before 1.1.0.22, and XR500 before 2.3.2.134 allow remote code execution by unauthenticated users.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    Impacted products
    Vendor Product Version
    NETGEAR XR1000 Affected: 0 , < 1.0.0.74 (custom)
    Create a notification for this product.
    NETGEAR XR1000v2 Affected: 0 , < 1.1.0.22 (custom)
    Create a notification for this product.
    NETGEAR XR500 Affected: 0 , < 2.3.2.134 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-25246",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T14:47:44.132747Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T20:51:31.641Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "XR1000",
              "vendor": "NETGEAR",
              "versions": [
                {
                  "lessThan": "1.0.0.74",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "XR1000v2",
              "vendor": "NETGEAR",
              "versions": [
                {
                  "lessThan": "1.1.0.22",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "XR500",
              "vendor": "NETGEAR",
              "versions": [
                {
                  "lessThan": "2.3.2.134",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NETGEAR XR1000 before 1.0.0.74, XR1000v2 before 1.1.0.22, and XR500 before 2.3.2.134 allow remote code execution by unauthenticated users."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T04:52:42.145Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://kb.netgear.com/000066558/Security-Advisory-for-Unauthenticated-RCE-on-Some-WiFi-Routers-PSV-2023-0039"
            }
          ],
          "x_generator": {
            "engine": "enrichogram 0.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-25246",
        "datePublished": "2025-02-05T00:00:00.000Z",
        "dateReserved": "2025-02-05T00:00:00.000Z",
        "dateUpdated": "2025-02-12T20:51:31.641Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-23690 (GCVE-0-2024-23690)

    Vulnerability from nvd – Published: 2025-02-04 14:34 – Updated: 2025-11-22 12:19 Unsupported When Assigned
    VLAI
    Title
    EOL Netgear FVS336v3 Telnet Configuration Backup Command Injection
    Summary
    The end-of-life Netgear FVS336Gv2 and FVS336Gv3 are affected by a command injection vulnerability in the Telnet interface. An authenticated and remote attacker can execute arbitrary OS commands as root over Telnet by sending crafted "util backup_configuration" commands.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Netgear FVS336Gv3 Affected: 0 , ≤ 4.3.5-3 (semver)
    Create a notification for this product.
    Netgear FVS336Gv2 Affected: 0 , ≤ 4.3.3-6 (semver)
    Create a notification for this product.
    Credits
    Jacob Baines
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-23690",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-04T14:58:11.357988Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-04T14:58:15.609Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FVS336Gv3",
              "vendor": "Netgear",
              "versions": [
                {
                  "lessThanOrEqual": "4.3.5-3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FVS336Gv2",
              "vendor": "Netgear",
              "versions": [
                {
                  "lessThanOrEqual": "4.3.3-6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:h:netgear:fvs336gv3:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "4.3.5-3",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:netgear:fvs336gv2:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "4.3.3-6",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jacob Baines"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The end-of-life Netgear FVS336Gv2 and FVS336Gv3 are affected by a command injection vulnerability in the Telnet interface. An authenticated and remote attacker can execute arbitrary OS commands as root over Telnet by sending crafted \"util backup_configuration\" commands. \u003cbr\u003e"
                }
              ],
              "value": "The end-of-life Netgear FVS336Gv2 and FVS336Gv3 are affected by a command injection vulnerability in the Telnet interface. An authenticated and remote attacker can execute arbitrary OS commands as root over Telnet by sending crafted \"util backup_configuration\" commands."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-22T12:19:16.575Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vulncheck.com/advisories/netgear-fvs336g-rce"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "tags": [
            "unsupported-when-assigned"
          ],
          "title": "EOL Netgear FVS336v3 Telnet Configuration Backup Command Injection",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2024-23690",
        "datePublished": "2025-02-04T14:34:00.370Z",
        "dateReserved": "2024-01-19T17:35:14.201Z",
        "dateUpdated": "2025-11-22T12:19:16.575Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-12147 (GCVE-0-2024-12147)

    Vulnerability from nvd – Published: 2024-12-04 17:31 – Updated: 2025-01-14 14:06 Unsupported When Assigned
    VLAI
    Title
    Netgear R6900 HTTP Header upgrade_check.cgi buffer overflow
    Summary
    A vulnerability was found in Netgear R6900 1.0.1.26_1.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgrade_check.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Netgear R6900 Affected: 1.0.1.26_1.0.20
    Create a notification for this product.
    netgear r6900_firmware Affected: 1.0.1.26_1.0.20
        cpe:2.3:o:netgear:r6900_firmware:1.0.1.26:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    upload (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:netgear:r6900_firmware:1.0.1.26:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "r6900_firmware",
                "vendor": "netgear",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.0.1.26_1.0.20"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12147",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-04T21:00:20.499367Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-04T21:05:51.105Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "HTTP Header Handler"
              ],
              "product": "R6900",
              "vendor": "Netgear",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.1.26_1.0.20"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "upload (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Netgear R6900 1.0.1.26_1.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgrade_check.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
            },
            {
              "lang": "de",
              "value": "In Netgear R6900 1.0.1.26_1.0.20 wurde eine kritische Schwachstelle ausgemacht. Dabei geht es um eine nicht genauer bekannte Funktion der Datei upgrade_check.cgi der Komponente HTTP Header Handler. Durch Manipulation des Arguments Content-Length mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.8,
                "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "Memory Corruption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-14T14:06:27.563Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-286873 | Netgear R6900 HTTP Header upgrade_check.cgi buffer overflow",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.286873"
            },
            {
              "name": "VDB-286873 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.286873"
            },
            {
              "name": "Submit #451858 | Netgear R6900v1 R6900-V1.0.1.26_1.0.20 Buffer Overflow",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.451858"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/upload000/Hub/blob/main/IOT/Netgear_R6900.md"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://www.netgear.com/about/eos/"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.netgear.com/"
            }
          ],
          "tags": [
            "unsupported-when-assigned"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-12-04T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-12-04T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-01-14T15:11:21.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Netgear R6900 HTTP Header upgrade_check.cgi buffer overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-12147",
        "datePublished": "2024-12-04T17:31:04.826Z",
        "dateReserved": "2024-12-04T12:46:25.939Z",
        "dateUpdated": "2025-01-14T14:06:27.563Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-6814 (GCVE-0-2024-6814)

    Vulnerability from nvd – Published: 2024-08-21 16:09 – Updated: 2024-08-21 17:54
    VLAI
    Title
    NETGEAR ProSAFE Network Management System getFilterString SQL Injection Remote Code Execution Vulnerability
    Summary
    NETGEAR ProSAFE Network Management System getFilterString SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The specific flaw exists within the getFilterString method. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-23399.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    NETGEAR ProSAFE Network Management System Affected: 1.7.0.34 x64
    Create a notification for this product.
    netgear nms300_firmware Affected: 1.7.0.34_x64 , < 1.7.0.37 (custom)
        cpe:2.3:o:netgear:nms300_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-07-18 18:20
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:netgear:nms300_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nms300_firmware",
                "vendor": "netgear",
                "versions": [
                  {
                    "lessThan": "1.7.0.37",
                    "status": "affected",
                    "version": "1.7.0.34_x64",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6814",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-21T17:50:57.790542Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-21T17:54:08.616Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "ProSAFE Network Management System",
              "vendor": "NETGEAR",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.7.0.34 x64"
                }
              ]
            }
          ],
          "dateAssigned": "2024-07-16T21:14:46.879Z",
          "datePublic": "2024-07-18T18:20:02.177Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "NETGEAR ProSAFE Network Management System getFilterString SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the getFilterString method. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-23399."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-21T16:09:11.108Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-901",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-901/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.netgear.com/000066232/Security-Advisory-for-SQL-Injection-on-the-NMS300-PSV-2024-0019"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative"
          },
          "title": "NETGEAR ProSAFE Network Management System getFilterString SQL Injection Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-6814",
        "datePublished": "2024-08-21T16:09:11.108Z",
        "dateReserved": "2024-07-16T21:14:46.853Z",
        "dateUpdated": "2024-08-21T17:54:08.616Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-6813 (GCVE-0-2024-6813)

    Vulnerability from nvd – Published: 2024-08-21 16:09 – Updated: 2024-08-21 17:55
    VLAI
    Title
    NETGEAR ProSAFE Network Management System getSortString SQL Injection Remote Code Execution Vulnerability
    Summary
    NETGEAR ProSAFE Network Management System getSortString SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The specific flaw exists within the getSortString method. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-23207.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    NETGEAR ProSAFE Network Management System Affected: 1.7.0.34 x64
    Create a notification for this product.
    netgear nms300_firmware Affected: 1.7.0.34_x64 , < 1.7.0.37 (custom)
        cpe:2.3:o:netgear:nms300_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-07-18 18:20
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:netgear:nms300_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nms300_firmware",
                "vendor": "netgear",
                "versions": [
                  {
                    "lessThan": "1.7.0.37",
                    "status": "affected",
                    "version": "1.7.0.34_x64",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6813",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-21T17:54:38.483101Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-21T17:55:49.404Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "ProSAFE Network Management System",
              "vendor": "NETGEAR",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.7.0.34 x64"
                }
              ]
            }
          ],
          "dateAssigned": "2024-07-16T21:14:06.432Z",
          "datePublic": "2024-07-18T18:20:16.593Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "NETGEAR ProSAFE Network Management System getSortString SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the getSortString method. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-23207."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-21T16:09:01.959Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-902",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-902/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.netgear.com/000066231/Security-Advisory-for-SQL-Injection-on-the-NMS300-PSV-2024-0018"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "NETGEAR ProSAFE Network Management System getSortString SQL Injection Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-6813",
        "datePublished": "2024-08-21T16:09:01.959Z",
        "dateReserved": "2024-07-16T21:14:06.386Z",
        "dateUpdated": "2024-08-21T17:55:49.404Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7153 (GCVE-0-2024-7153)

    Vulnerability from nvd – Published: 2024-07-27 22:00 – Updated: 2024-08-01 21:52
    VLAI
    Title
    Netgear WN604 siteSurvey.php direct request
    Summary
    A vulnerability classified as problematic has been found in Netgear WN604 up to 20240719. Affected is an unknown function of the file siteSurvey.php. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272556. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Netgear WN604 Affected: 20240719
    Create a notification for this product.
    netgear wn604_firmware Affected: 20240719
        cpe:2.3:a:netgear:wn604_firmware:20240719:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    wiki (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:netgear:wn604_firmware:20240719:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wn604_firmware",
                "vendor": "netgear",
                "versions": [
                  {
                    "status": "affected",
                    "version": "20240719"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7153",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-29T18:19:09.449691Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-29T18:23:59.496Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:52:30.308Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VDB-272556 | Netgear WN604 siteSurvey.php direct request",
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.272556"
              },
              {
                "name": "VDB-272556 | CTI Indicators (IOB, IOC, TTP, IOA)",
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.272556"
              },
              {
                "name": "Submit #377056 | Netgear WN604 Missing Authentication",
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?submit.377056"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://wiki.shikangsi.com/post/share/e8a2a0a0-5e72-4bb1-8805-cf155a89f583"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WN604",
              "vendor": "Netgear",
              "versions": [
                {
                  "status": "affected",
                  "version": "20240719"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "wiki (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability classified as problematic has been found in Netgear WN604 up to 20240719. Affected is an unknown function of the file siteSurvey.php. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272556. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "Es wurde eine problematische Schwachstelle in Netgear WN604 bis 20240719 entdeckt. Hiervon betroffen ist ein unbekannter Codeblock der Datei siteSurvey.php. Durch das Beeinflussen mit unbekannten Daten kann eine direct request-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-425",
                  "description": "CWE-425 Direct Request",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-27T22:00:08.933Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-272556 | Netgear WN604 siteSurvey.php direct request",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/?id.272556"
            },
            {
              "name": "VDB-272556 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.272556"
            },
            {
              "name": "Submit #377056 | Netgear WN604 Missing Authentication",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.377056"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://wiki.shikangsi.com/post/share/e8a2a0a0-5e72-4bb1-8805-cf155a89f583"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-07-27T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-07-27T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-07-27T07:55:40.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Netgear WN604 siteSurvey.php direct request"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-7153",
        "datePublished": "2024-07-27T22:00:08.933Z",
        "dateReserved": "2024-07-27T05:50:25.410Z",
        "dateUpdated": "2024-08-01T21:52:30.308Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-6646 (GCVE-0-2024-6646)

    Vulnerability from nvd – Published: 2024-07-10 17:31 – Updated: 2024-08-01 21:41
    VLAI
    Title
    Netgear WN604 Web Interface downloadFile.php information disclosure
    Summary
    A vulnerability was found in Netgear WN604 up to 20240710. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /downloadFile.php of the component Web Interface. The manipulation of the argument file with the input config leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-271052. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.271052 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.271052 signaturepermissions-required
    https://vuldb.com/?submit.367382 third-party-advisory
    https://github.com/mikutool/vul/issues/1 exploitissue-tracking
    Impacted products
    Vendor Product Version
    Netgear WN604 Affected: 20240710
    Create a notification for this product.
    netgear wn604 Affected: 0 , < 20240710 (custom)
        cpe:2.3:h:netgear:wn604:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:netgear:wn604:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wn604",
                "vendor": "netgear",
                "versions": [
                  {
                    "lessThan": "20240710",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6646",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-10T19:59:59.120182Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-10T20:01:16.816Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:41:04.277Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VDB-271052 | Netgear WN604 Web Interface downloadFile.php information disclosure",
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.271052"
              },
              {
                "name": "VDB-271052 | CTI Indicators (IOB, IOC, TTP, IOA)",
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.271052"
              },
              {
                "name": "Submit #367382 | NETGEAR NETGEAR Wireless N150Access Point WN604 Sensitive information leakage",
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?submit.367382"
              },
              {
                "tags": [
                  "exploit",
                  "issue-tracking",
                  "x_transferred"
                ],
                "url": "https://github.com/mikutool/vul/issues/1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "Web Interface"
              ],
              "product": "WN604",
              "vendor": "Netgear",
              "versions": [
                {
                  "status": "affected",
                  "version": "20240710"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Netgear WN604 up to 20240710. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /downloadFile.php of the component Web Interface. The manipulation of the argument file with the input config leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-271052. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "Eine problematische Schwachstelle wurde in Netgear WN604 bis 20240710 ausgemacht. Dies betrifft einen unbekannten Teil der Datei /downloadFile.php der Komponente Web Interface. Dank Manipulation des Arguments file mit der Eingabe config mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Information Disclosure",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-10T17:31:04.041Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-271052 | Netgear WN604 Web Interface downloadFile.php information disclosure",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.271052"
            },
            {
              "name": "VDB-271052 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.271052"
            },
            {
              "name": "Submit #367382 | NETGEAR NETGEAR Wireless N150Access Point WN604 Sensitive information leakage",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.367382"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/mikutool/vul/issues/1"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-07-10T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-07-10T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-07-10T12:23:22.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Netgear WN604 Web Interface downloadFile.php information disclosure"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-6646",
        "datePublished": "2024-07-10T17:31:04.041Z",
        "dateReserved": "2024-07-10T10:18:02.495Z",
        "dateUpdated": "2024-08-01T21:41:04.277Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-24714 (GCVE-0-2026-24714)

    Vulnerability from cvelistv5 – Published: 2026-01-30 03:53 – Updated: 2026-01-30 17:59 Unsupported When Assigned
    VLAI
    Summary
    Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1242 - Inclusion of undocumented features or chicken bits
    Assigner
    Impacted products
    Vendor Product Version
    NETGEAR NETGEAR products Affected: versions which provide "TelnetEnable" functionality
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24714",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-30T17:59:24.138913Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-30T17:59:45.410Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "NETGEAR products",
              "vendor": "NETGEAR",
              "versions": [
                {
                  "status": "affected",
                  "version": "versions which provide \"TelnetEnable\" functionality"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Some end of service NETGEAR products provide \"TelnetEnable\" functionality, which allows a magic packet to activate telnet service on the box."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1242",
                  "description": "Inclusion of undocumented features or chicken bits",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-30T03:53:30.144Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.netgear.com/about/eos/"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN46722282/"
            }
          ],
          "tags": [
            "unsupported-when-assigned"
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2026-24714",
        "datePublished": "2026-01-30T03:53:30.144Z",
        "dateReserved": "2026-01-26T05:24:46.172Z",
        "dateUpdated": "2026-01-30T17:59:45.410Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2013-10063 (GCVE-0-2013-10063)

    Vulnerability from cvelistv5 – Published: 2025-08-01 20:46 – Updated: 2026-05-15 11:14 Unsupported When Assigned
    VLAI
    Title
    Netgear SPH200D <= 1.0.4.80 Path Traversal via HTTP GET
    Summary
    A path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions <= 1.0.4.80 in its embedded web server. Authenticated attackers can exploit crafted GET requests to access arbitrary files outside the web root by injecting traversal sequences. This can expose sensitive system files and configuration data.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    Netgear SPH200D Affected: 0 , ≤ 1.0.4.80 (custom)
    Create a notification for this product.
    Date Public
    2013-01-31 00:00
    Credits
    Michael Messner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2013-10063",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-06T14:38:41.804173Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-06T14:38:45.793Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://web.archive.org/web/20130207034706/http://www.s3cur1ty.de/m1adv2013-002"
              },
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://www.exploit-db.com/exploits/24441"
              },
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/scanner/http/netgear_sph200d_traversal.rb"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Any GET-accessible path"
              ],
              "product": "SPH200D",
              "vendor": "Netgear",
              "versions": [
                {
                  "lessThanOrEqual": "1.0.4.80",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:netgear:sph200d:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.0.4.80",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Michael Messner"
            }
          ],
          "datePublic": "2013-01-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eA path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions \u0026lt;= 1.0.4.80 in its embedded web server. Authenticated attackers can exploit crafted GET requests to access arbitrary files outside the web root by injecting traversal sequences.\u0026nbsp;This can expose sensitive system files and configuration data.\u003c/p\u003e"
                }
              ],
              "value": "A path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions \u003c= 1.0.4.80 in its embedded web server. Authenticated attackers can exploit crafted GET requests to access arbitrary files outside the web root by injecting traversal sequences.\u00a0This can expose sensitive system files and configuration data."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-126",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-126 Path Traversal"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T11:14:18.461Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "exploit"
              ],
              "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/scanner/http/netgear_sph200d_traversal.rb"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/24441"
            },
            {
              "tags": [
                "technical-description",
                "exploit"
              ],
              "url": "https://web.archive.org/web/20130207034706/http://www.s3cur1ty.de/m1adv2013-002"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/netgear-sph200d-path-traversal-via-http-get"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "tags": [
            "unsupported-when-assigned"
          ],
          "title": "Netgear SPH200D \u003c= 1.0.4.80 Path Traversal via HTTP GET",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2013-10063",
        "datePublished": "2025-08-01T20:46:21.225Z",
        "dateReserved": "2025-08-01T18:54:27.633Z",
        "dateUpdated": "2026-05-15T11:14:18.461Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2013-10060 (GCVE-0-2013-10060)

    Vulnerability from cvelistv5 – Published: 2025-08-01 20:45 – Updated: 2026-05-15 11:14 Unsupported When Assigned
    VLAI
    Title
    Netgear Routers pppoe.cgi RCE
    Summary
    An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoe_username parameter. This flaw allows full compromise of the device and may persist across reboots unless configuration is restored.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Netgear DGN2200B Affected: 0 , ≤ 1.0.0.36 (custom)
    Create a notification for this product.
    Date Public
    2013-02-18 00:00
    Credits
    Michael Messner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2013-10060",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-06T14:22:06.129053Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-06T14:22:09.688Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/netgear_dgn2200b_pppoe_exec.rb"
              },
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://www.exploit-db.com/exploits/24513"
              },
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://www.exploit-db.com/exploits/24974"
              },
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://web.archive.org/web/20170422033239/http://www.s3cur1ty.de/m1adv2013-015"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Web interface (pppoe.cgi)"
              ],
              "product": "DGN2200B",
              "vendor": "Netgear",
              "versions": [
                {
                  "lessThanOrEqual": "1.0.0.36",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:netgear:dgn2200b_firmware:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.0.0.36",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Michael Messner"
            }
          ],
          "datePublic": "2013-02-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn authenticated OS command injection vulnerability exists in\u0026nbsp;\u003c/span\u003eNetgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoe_username parameter. This flaw allows full compromise of the device and may persist across reboots unless configuration is restored."
                }
              ],
              "value": "An authenticated OS command injection vulnerability exists in\u00a0Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoe_username parameter. This flaw allows full compromise of the device and may persist across reboots unless configuration is restored."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.4,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T11:14:17.701Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "exploit"
              ],
              "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/netgear_dgn2200b_pppoe_exec.rb"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/24513"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/24974"
            },
            {
              "tags": [
                "technical-description",
                "exploit"
              ],
              "url": "https://web.archive.org/web/20170422033239/http://www.s3cur1ty.de/m1adv2013-015"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/netgear-legacy-routers-rce"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "tags": [
            "unsupported-when-assigned"
          ],
          "title": "Netgear Routers pppoe.cgi RCE",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2013-10060",
        "datePublished": "2025-08-01T20:45:59.280Z",
        "dateReserved": "2025-08-01T17:22:29.909Z",
        "dateUpdated": "2026-05-15T11:14:17.701Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2013-10061 (GCVE-0-2013-10061)

    Vulnerability from cvelistv5 – Published: 2025-08-01 20:45 – Updated: 2026-04-07 14:03
    VLAI
    Title
    Netgear Routers setup.cgi RCE
    Summary
    An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN1000B model firmware versions 1.1.00.24 and 1.1.00.45) via the TimeToLive parameter in the setup.cgi endpoint. The vulnerability arises from improper input neutralization, enabling command injection through crafted POST requests. This flaw enables remote attackers to deploy payloads or manipulate system state post-authentication.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Netgear DGN1000B Affected: 1.1.00.24
    Affected: 1.1.00.45
    Create a notification for this product.
    Date Public
    2013-02-07 00:00
    Credits
    Michael Messner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2013-10061",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-06T14:15:59.267461Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-06T14:16:02.991Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/netgear_dgn1000b_setup_exec.rb"
              },
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://www.exploit-db.com/exploits/24464"
              },
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://www.exploit-db.com/exploits/24931"
              },
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://web.archive.org/web/20150218074318/http://www.s3cur1ty.de/m1adv2013-005"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "setup.cgi"
              ],
              "product": "DGN1000B",
              "vendor": "Netgear",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.1.00.24"
                },
                {
                  "status": "affected",
                  "version": "1.1.00.45"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:netgear:dgn1000v3_firmware:1.0.0.25:*:*:*:*:*:*:*",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:netgear:dgn1000v3_firmware:1.0.0.45:*:*:*:*:*:*:*",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Michael Messner"
            }
          ],
          "datePublic": "2013-02-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN1000B model firmware versions 1.1.00.24 and 1.1.00.45) via the TimeToLive parameter in the setup.cgi endpoint. The vulnerability arises from improper input neutralization, enabling command injection through crafted POST requests. This flaw enables remote attackers to deploy payloads or manipulate system state post-authentication."
                }
              ],
              "value": "An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN1000B model firmware versions 1.1.00.24 and 1.1.00.45) via the TimeToLive parameter in the setup.cgi endpoint. The vulnerability arises from improper input neutralization, enabling command injection through crafted POST requests. This flaw enables remote attackers to deploy payloads or manipulate system state post-authentication."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:03:14.806Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "exploit"
              ],
              "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/netgear_dgn1000b_setup_exec.rb"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/24464"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/24931"
            },
            {
              "tags": [
                "technical-description",
                "exploit"
              ],
              "url": "https://web.archive.org/web/20150218074318/http://www.s3cur1ty.de/m1adv2013-005"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/netgear-legacy-routers-rce-2"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Netgear Routers setup.cgi RCE",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2013-10061",
        "datePublished": "2025-08-01T20:45:34.559Z",
        "dateReserved": "2025-08-01T18:31:18.857Z",
        "dateUpdated": "2026-04-07T14:03:14.806Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-6565 (GCVE-0-2025-6565)

    Vulnerability from cvelistv5 – Published: 2025-06-24 13:00 – Updated: 2025-06-25 12:41
    VLAI
    Title
    Netgear WNCE3001 HTTP POST Request http_d stack-based overflow
    Summary
    A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been classified as critical. This affects the function http_d of the component HTTP POST Request Handler. The manipulation of the argument Host leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Netgear WNCE3001 Affected: 1.0.0.50
    Create a notification for this product.
    Credits
    xiaobor123 (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-6565",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-24T15:36:46.136796Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-25T12:41:43.852Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "HTTP POST Request Handler"
              ],
              "product": "WNCE3001",
              "vendor": "Netgear",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0.50"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "xiaobor123 (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been classified as critical. This affects the function http_d of the component HTTP POST Request Handler. The manipulation of the argument Host leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "Es wurde eine Schwachstelle in Netgear WNCE3001 1.0.0.50 ausgemacht. Sie wurde als kritisch eingestuft. Es geht dabei um die Funktion http_d der Komponente HTTP POST Request Handler. Mittels Manipulieren des Arguments Host mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 9,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "Memory Corruption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T13:00:12.914Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-313737 | Netgear WNCE3001 HTTP POST Request http_d stack-based overflow",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.313737"
            },
            {
              "name": "VDB-313737 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.313737"
            },
            {
              "name": "Submit #590030 | Netgear WNCE3001 1.0.0.50 Stack-based buffer overflow",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.590030"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/xiaobor123/vul-finds/tree/main/vul-find-wnce3001-netgear"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/xiaobor123/vul-finds/tree/main/vul-find-wnce3001-netgear#poc"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.netgear.com/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-24T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-06-24T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-06-24T10:04:40.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Netgear WNCE3001 HTTP POST Request http_d stack-based overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-6565",
        "datePublished": "2025-06-24T13:00:12.914Z",
        "dateReserved": "2025-06-24T07:59:36.976Z",
        "dateUpdated": "2025-06-25T12:41:43.852Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-25246 (GCVE-0-2025-25246)

    Vulnerability from cvelistv5 – Published: 2025-02-05 00:00 – Updated: 2025-02-12 20:51
    VLAI
    Summary
    NETGEAR XR1000 before 1.0.0.74, XR1000v2 before 1.1.0.22, and XR500 before 2.3.2.134 allow remote code execution by unauthenticated users.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    Impacted products
    Vendor Product Version
    NETGEAR XR1000 Affected: 0 , < 1.0.0.74 (custom)
    Create a notification for this product.
    NETGEAR XR1000v2 Affected: 0 , < 1.1.0.22 (custom)
    Create a notification for this product.
    NETGEAR XR500 Affected: 0 , < 2.3.2.134 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-25246",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T14:47:44.132747Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T20:51:31.641Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "XR1000",
              "vendor": "NETGEAR",
              "versions": [
                {
                  "lessThan": "1.0.0.74",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "XR1000v2",
              "vendor": "NETGEAR",
              "versions": [
                {
                  "lessThan": "1.1.0.22",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "XR500",
              "vendor": "NETGEAR",
              "versions": [
                {
                  "lessThan": "2.3.2.134",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NETGEAR XR1000 before 1.0.0.74, XR1000v2 before 1.1.0.22, and XR500 before 2.3.2.134 allow remote code execution by unauthenticated users."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T04:52:42.145Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://kb.netgear.com/000066558/Security-Advisory-for-Unauthenticated-RCE-on-Some-WiFi-Routers-PSV-2023-0039"
            }
          ],
          "x_generator": {
            "engine": "enrichogram 0.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-25246",
        "datePublished": "2025-02-05T00:00:00.000Z",
        "dateReserved": "2025-02-05T00:00:00.000Z",
        "dateUpdated": "2025-02-12T20:51:31.641Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-23690 (GCVE-0-2024-23690)

    Vulnerability from cvelistv5 – Published: 2025-02-04 14:34 – Updated: 2025-11-22 12:19 Unsupported When Assigned
    VLAI
    Title
    EOL Netgear FVS336v3 Telnet Configuration Backup Command Injection
    Summary
    The end-of-life Netgear FVS336Gv2 and FVS336Gv3 are affected by a command injection vulnerability in the Telnet interface. An authenticated and remote attacker can execute arbitrary OS commands as root over Telnet by sending crafted "util backup_configuration" commands.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Netgear FVS336Gv3 Affected: 0 , ≤ 4.3.5-3 (semver)
    Create a notification for this product.
    Netgear FVS336Gv2 Affected: 0 , ≤ 4.3.3-6 (semver)
    Create a notification for this product.
    Credits
    Jacob Baines
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-23690",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-04T14:58:11.357988Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-04T14:58:15.609Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FVS336Gv3",
              "vendor": "Netgear",
              "versions": [
                {
                  "lessThanOrEqual": "4.3.5-3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FVS336Gv2",
              "vendor": "Netgear",
              "versions": [
                {
                  "lessThanOrEqual": "4.3.3-6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:h:netgear:fvs336gv3:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "4.3.5-3",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:netgear:fvs336gv2:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "4.3.3-6",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jacob Baines"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The end-of-life Netgear FVS336Gv2 and FVS336Gv3 are affected by a command injection vulnerability in the Telnet interface. An authenticated and remote attacker can execute arbitrary OS commands as root over Telnet by sending crafted \"util backup_configuration\" commands. \u003cbr\u003e"
                }
              ],
              "value": "The end-of-life Netgear FVS336Gv2 and FVS336Gv3 are affected by a command injection vulnerability in the Telnet interface. An authenticated and remote attacker can execute arbitrary OS commands as root over Telnet by sending crafted \"util backup_configuration\" commands."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-22T12:19:16.575Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vulncheck.com/advisories/netgear-fvs336g-rce"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "tags": [
            "unsupported-when-assigned"
          ],
          "title": "EOL Netgear FVS336v3 Telnet Configuration Backup Command Injection",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2024-23690",
        "datePublished": "2025-02-04T14:34:00.370Z",
        "dateReserved": "2024-01-19T17:35:14.201Z",
        "dateUpdated": "2025-11-22T12:19:16.575Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-12147 (GCVE-0-2024-12147)

    Vulnerability from cvelistv5 – Published: 2024-12-04 17:31 – Updated: 2025-01-14 14:06 Unsupported When Assigned
    VLAI
    Title
    Netgear R6900 HTTP Header upgrade_check.cgi buffer overflow
    Summary
    A vulnerability was found in Netgear R6900 1.0.1.26_1.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgrade_check.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Netgear R6900 Affected: 1.0.1.26_1.0.20
    Create a notification for this product.
    netgear r6900_firmware Affected: 1.0.1.26_1.0.20
        cpe:2.3:o:netgear:r6900_firmware:1.0.1.26:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    upload (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:netgear:r6900_firmware:1.0.1.26:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "r6900_firmware",
                "vendor": "netgear",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.0.1.26_1.0.20"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12147",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-04T21:00:20.499367Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-04T21:05:51.105Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "HTTP Header Handler"
              ],
              "product": "R6900",
              "vendor": "Netgear",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.1.26_1.0.20"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "upload (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Netgear R6900 1.0.1.26_1.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgrade_check.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
            },
            {
              "lang": "de",
              "value": "In Netgear R6900 1.0.1.26_1.0.20 wurde eine kritische Schwachstelle ausgemacht. Dabei geht es um eine nicht genauer bekannte Funktion der Datei upgrade_check.cgi der Komponente HTTP Header Handler. Durch Manipulation des Arguments Content-Length mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.8,
                "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "Memory Corruption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-14T14:06:27.563Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-286873 | Netgear R6900 HTTP Header upgrade_check.cgi buffer overflow",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.286873"
            },
            {
              "name": "VDB-286873 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.286873"
            },
            {
              "name": "Submit #451858 | Netgear R6900v1 R6900-V1.0.1.26_1.0.20 Buffer Overflow",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.451858"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/upload000/Hub/blob/main/IOT/Netgear_R6900.md"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://www.netgear.com/about/eos/"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.netgear.com/"
            }
          ],
          "tags": [
            "unsupported-when-assigned"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-12-04T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-12-04T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-01-14T15:11:21.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Netgear R6900 HTTP Header upgrade_check.cgi buffer overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-12147",
        "datePublished": "2024-12-04T17:31:04.826Z",
        "dateReserved": "2024-12-04T12:46:25.939Z",
        "dateUpdated": "2025-01-14T14:06:27.563Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-6814 (GCVE-0-2024-6814)

    Vulnerability from cvelistv5 – Published: 2024-08-21 16:09 – Updated: 2024-08-21 17:54
    VLAI
    Title
    NETGEAR ProSAFE Network Management System getFilterString SQL Injection Remote Code Execution Vulnerability
    Summary
    NETGEAR ProSAFE Network Management System getFilterString SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The specific flaw exists within the getFilterString method. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-23399.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    NETGEAR ProSAFE Network Management System Affected: 1.7.0.34 x64
    Create a notification for this product.
    netgear nms300_firmware Affected: 1.7.0.34_x64 , < 1.7.0.37 (custom)
        cpe:2.3:o:netgear:nms300_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-07-18 18:20
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:netgear:nms300_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nms300_firmware",
                "vendor": "netgear",
                "versions": [
                  {
                    "lessThan": "1.7.0.37",
                    "status": "affected",
                    "version": "1.7.0.34_x64",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6814",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-21T17:50:57.790542Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-21T17:54:08.616Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "ProSAFE Network Management System",
              "vendor": "NETGEAR",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.7.0.34 x64"
                }
              ]
            }
          ],
          "dateAssigned": "2024-07-16T21:14:46.879Z",
          "datePublic": "2024-07-18T18:20:02.177Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "NETGEAR ProSAFE Network Management System getFilterString SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the getFilterString method. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-23399."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-21T16:09:11.108Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-901",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-901/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.netgear.com/000066232/Security-Advisory-for-SQL-Injection-on-the-NMS300-PSV-2024-0019"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative"
          },
          "title": "NETGEAR ProSAFE Network Management System getFilterString SQL Injection Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-6814",
        "datePublished": "2024-08-21T16:09:11.108Z",
        "dateReserved": "2024-07-16T21:14:46.853Z",
        "dateUpdated": "2024-08-21T17:54:08.616Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-6813 (GCVE-0-2024-6813)

    Vulnerability from cvelistv5 – Published: 2024-08-21 16:09 – Updated: 2024-08-21 17:55
    VLAI
    Title
    NETGEAR ProSAFE Network Management System getSortString SQL Injection Remote Code Execution Vulnerability
    Summary
    NETGEAR ProSAFE Network Management System getSortString SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The specific flaw exists within the getSortString method. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-23207.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    NETGEAR ProSAFE Network Management System Affected: 1.7.0.34 x64
    Create a notification for this product.
    netgear nms300_firmware Affected: 1.7.0.34_x64 , < 1.7.0.37 (custom)
        cpe:2.3:o:netgear:nms300_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-07-18 18:20
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:netgear:nms300_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nms300_firmware",
                "vendor": "netgear",
                "versions": [
                  {
                    "lessThan": "1.7.0.37",
                    "status": "affected",
                    "version": "1.7.0.34_x64",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6813",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-21T17:54:38.483101Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-21T17:55:49.404Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "ProSAFE Network Management System",
              "vendor": "NETGEAR",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.7.0.34 x64"
                }
              ]
            }
          ],
          "dateAssigned": "2024-07-16T21:14:06.432Z",
          "datePublic": "2024-07-18T18:20:16.593Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "NETGEAR ProSAFE Network Management System getSortString SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the getSortString method. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-23207."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-21T16:09:01.959Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-902",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-902/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.netgear.com/000066231/Security-Advisory-for-SQL-Injection-on-the-NMS300-PSV-2024-0018"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "NETGEAR ProSAFE Network Management System getSortString SQL Injection Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-6813",
        "datePublished": "2024-08-21T16:09:01.959Z",
        "dateReserved": "2024-07-16T21:14:06.386Z",
        "dateUpdated": "2024-08-21T17:55:49.404Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7153 (GCVE-0-2024-7153)

    Vulnerability from cvelistv5 – Published: 2024-07-27 22:00 – Updated: 2024-08-01 21:52
    VLAI
    Title
    Netgear WN604 siteSurvey.php direct request
    Summary
    A vulnerability classified as problematic has been found in Netgear WN604 up to 20240719. Affected is an unknown function of the file siteSurvey.php. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272556. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Netgear WN604 Affected: 20240719
    Create a notification for this product.
    netgear wn604_firmware Affected: 20240719
        cpe:2.3:a:netgear:wn604_firmware:20240719:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    wiki (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:netgear:wn604_firmware:20240719:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wn604_firmware",
                "vendor": "netgear",
                "versions": [
                  {
                    "status": "affected",
                    "version": "20240719"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7153",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-29T18:19:09.449691Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-29T18:23:59.496Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:52:30.308Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VDB-272556 | Netgear WN604 siteSurvey.php direct request",
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.272556"
              },
              {
                "name": "VDB-272556 | CTI Indicators (IOB, IOC, TTP, IOA)",
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.272556"
              },
              {
                "name": "Submit #377056 | Netgear WN604 Missing Authentication",
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?submit.377056"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://wiki.shikangsi.com/post/share/e8a2a0a0-5e72-4bb1-8805-cf155a89f583"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WN604",
              "vendor": "Netgear",
              "versions": [
                {
                  "status": "affected",
                  "version": "20240719"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "wiki (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability classified as problematic has been found in Netgear WN604 up to 20240719. Affected is an unknown function of the file siteSurvey.php. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272556. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "Es wurde eine problematische Schwachstelle in Netgear WN604 bis 20240719 entdeckt. Hiervon betroffen ist ein unbekannter Codeblock der Datei siteSurvey.php. Durch das Beeinflussen mit unbekannten Daten kann eine direct request-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-425",
                  "description": "CWE-425 Direct Request",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-27T22:00:08.933Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-272556 | Netgear WN604 siteSurvey.php direct request",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/?id.272556"
            },
            {
              "name": "VDB-272556 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.272556"
            },
            {
              "name": "Submit #377056 | Netgear WN604 Missing Authentication",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.377056"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://wiki.shikangsi.com/post/share/e8a2a0a0-5e72-4bb1-8805-cf155a89f583"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-07-27T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-07-27T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-07-27T07:55:40.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Netgear WN604 siteSurvey.php direct request"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-7153",
        "datePublished": "2024-07-27T22:00:08.933Z",
        "dateReserved": "2024-07-27T05:50:25.410Z",
        "dateUpdated": "2024-08-01T21:52:30.308Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-6646 (GCVE-0-2024-6646)

    Vulnerability from cvelistv5 – Published: 2024-07-10 17:31 – Updated: 2024-08-01 21:41
    VLAI
    Title
    Netgear WN604 Web Interface downloadFile.php information disclosure
    Summary
    A vulnerability was found in Netgear WN604 up to 20240710. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /downloadFile.php of the component Web Interface. The manipulation of the argument file with the input config leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-271052. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.271052 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.271052 signaturepermissions-required
    https://vuldb.com/?submit.367382 third-party-advisory
    https://github.com/mikutool/vul/issues/1 exploitissue-tracking
    Impacted products
    Vendor Product Version
    Netgear WN604 Affected: 20240710
    Create a notification for this product.
    netgear wn604 Affected: 0 , < 20240710 (custom)
        cpe:2.3:h:netgear:wn604:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:netgear:wn604:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "wn604",
                "vendor": "netgear",
                "versions": [
                  {
                    "lessThan": "20240710",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6646",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-10T19:59:59.120182Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-10T20:01:16.816Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:41:04.277Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VDB-271052 | Netgear WN604 Web Interface downloadFile.php information disclosure",
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.271052"
              },
              {
                "name": "VDB-271052 | CTI Indicators (IOB, IOC, TTP, IOA)",
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.271052"
              },
              {
                "name": "Submit #367382 | NETGEAR NETGEAR Wireless N150Access Point WN604 Sensitive information leakage",
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?submit.367382"
              },
              {
                "tags": [
                  "exploit",
                  "issue-tracking",
                  "x_transferred"
                ],
                "url": "https://github.com/mikutool/vul/issues/1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "Web Interface"
              ],
              "product": "WN604",
              "vendor": "Netgear",
              "versions": [
                {
                  "status": "affected",
                  "version": "20240710"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Netgear WN604 up to 20240710. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /downloadFile.php of the component Web Interface. The manipulation of the argument file with the input config leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-271052. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "Eine problematische Schwachstelle wurde in Netgear WN604 bis 20240710 ausgemacht. Dies betrifft einen unbekannten Teil der Datei /downloadFile.php der Komponente Web Interface. Dank Manipulation des Arguments file mit der Eingabe config mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Information Disclosure",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-10T17:31:04.041Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-271052 | Netgear WN604 Web Interface downloadFile.php information disclosure",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.271052"
            },
            {
              "name": "VDB-271052 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.271052"
            },
            {
              "name": "Submit #367382 | NETGEAR NETGEAR Wireless N150Access Point WN604 Sensitive information leakage",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.367382"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/mikutool/vul/issues/1"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-07-10T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-07-10T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-07-10T12:23:22.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Netgear WN604 Web Interface downloadFile.php information disclosure"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-6646",
        "datePublished": "2024-07-10T17:31:04.041Z",
        "dateReserved": "2024-07-10T10:18:02.495Z",
        "dateUpdated": "2024-08-01T21:41:04.277Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    VAR-202006-0391

    Vulnerability from variot - Updated: 2024-07-23 21:20

    The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. The Universal Plug and Play (UPnP) protocol in effect prior to April 17, 2020 can be abused to send traffic to arbitrary destinations using the SUBSCRIBE functionality. The UPnP protocol, as specified by the Open Connectivity Foundation (OCF), is designed to provide automatic discovery and interaction with devices on a network. The UPnP protocol is designed to be used in a trusted local area network (LAN) and the protocol does not implement any form of authentication or verification. Many common Internet-connected devices support UPnP, as noted in previous research from Daniel Garcia (VU#357851) and Rapid7. Garcia presented at DEFCON 2019 and published a scanning and portmapping tool. The UPnP Device Protection service was not widely adopted. A vulnerability in the UPnP SUBSCRIBE capability permits an attacker to send large amounts of data to arbitrary destinations accessible over the Internet, which could lead to a Distributed Denial of Service (DDoS), data exfiltration, and other unexpected network behavior. The OCF has updated the UPnP specification to address this issue. This vulnerability has been assigned CVE-2020-12695 and is also known as Call Stranger. Although offering UPnP services on the Internet is generally considered to be a misconfiguration, a number of devices are still available over the Internet according to a recent Shodan scan. A remote, unauthenticated attacker may be able to abuse the UPnP SUBSCRIBE capability to send traffic to arbitrary destinations, leading to amplified DDoS attacks and data exfiltration. In general, making UPnP available over the the Internet can pose further security vulnerabilities than the one described in this vulnerability note. Open Connectivity Foundation UPnP There is a vulnerability in the specification regarding improper default permissions.Information is obtained and service operation is interrupted (DoS) It may be put into a state. A security vulnerability exists in UPnP versions prior to 2020-04-17. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

    ====================================================================
    Red Hat Security Advisory

    Synopsis: Moderate: gssdp and gupnp security update Advisory ID: RHSA-2021:1789-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:1789 Issue date: 2021-05-18 CVE Names: CVE-2020-12695 ==================================================================== 1. Summary:

    An update for gssdp and gupnp is now available for Red Hat Enterprise Linux 8.

    Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

    1. Relevant releases/architectures:

    Red Hat CodeReady Linux Builder (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

    1. Description:

    GUPnP is an object-oriented open source framework for creating UPnP devices and control points, written in C using GObject and libsoup. The GUPnP API is intended to be easy to use, efficient and flexible.

    GSSDP implements resource discovery and announcement over SSDP and is part of gUPnP.

    The following packages have been upgraded to a later upstream version: gssdp (1.0.5), gupnp (1.0.6). (BZ#1846589, BZ#1861928)

    Security Fix(es):

    • hostapd: UPnP SUBSCRIBE misbehavior in WPS AP (CVE-2020-12695)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.

    1. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1846006 - CVE-2020-12695 hostapd: UPnP SUBSCRIBE misbehavior in WPS AP

    1. Package List:

    Red Hat Enterprise Linux AppStream (v. 8):

    Source: gssdp-1.0.5-1.el8.src.rpm gupnp-1.0.6-1.el8.src.rpm

    aarch64: gssdp-1.0.5-1.el8.aarch64.rpm gssdp-debuginfo-1.0.5-1.el8.aarch64.rpm gssdp-debugsource-1.0.5-1.el8.aarch64.rpm gssdp-utils-debuginfo-1.0.5-1.el8.aarch64.rpm gupnp-1.0.6-1.el8.aarch64.rpm gupnp-debuginfo-1.0.6-1.el8.aarch64.rpm gupnp-debugsource-1.0.6-1.el8.aarch64.rpm

    ppc64le: gssdp-1.0.5-1.el8.ppc64le.rpm gssdp-debuginfo-1.0.5-1.el8.ppc64le.rpm gssdp-debugsource-1.0.5-1.el8.ppc64le.rpm gssdp-utils-debuginfo-1.0.5-1.el8.ppc64le.rpm gupnp-1.0.6-1.el8.ppc64le.rpm gupnp-debuginfo-1.0.6-1.el8.ppc64le.rpm gupnp-debugsource-1.0.6-1.el8.ppc64le.rpm

    s390x: gssdp-1.0.5-1.el8.s390x.rpm gssdp-debuginfo-1.0.5-1.el8.s390x.rpm gssdp-debugsource-1.0.5-1.el8.s390x.rpm gssdp-utils-debuginfo-1.0.5-1.el8.s390x.rpm gupnp-1.0.6-1.el8.s390x.rpm gupnp-debuginfo-1.0.6-1.el8.s390x.rpm gupnp-debugsource-1.0.6-1.el8.s390x.rpm

    x86_64: gssdp-1.0.5-1.el8.i686.rpm gssdp-1.0.5-1.el8.x86_64.rpm gssdp-debuginfo-1.0.5-1.el8.i686.rpm gssdp-debuginfo-1.0.5-1.el8.x86_64.rpm gssdp-debugsource-1.0.5-1.el8.i686.rpm gssdp-debugsource-1.0.5-1.el8.x86_64.rpm gssdp-utils-debuginfo-1.0.5-1.el8.i686.rpm gssdp-utils-debuginfo-1.0.5-1.el8.x86_64.rpm gupnp-1.0.6-1.el8.i686.rpm gupnp-1.0.6-1.el8.x86_64.rpm gupnp-debuginfo-1.0.6-1.el8.i686.rpm gupnp-debuginfo-1.0.6-1.el8.x86_64.rpm gupnp-debugsource-1.0.6-1.el8.i686.rpm gupnp-debugsource-1.0.6-1.el8.x86_64.rpm

    Red Hat CodeReady Linux Builder (v. 8):

    aarch64: gssdp-debuginfo-1.0.5-1.el8.aarch64.rpm gssdp-debugsource-1.0.5-1.el8.aarch64.rpm gssdp-devel-1.0.5-1.el8.aarch64.rpm gssdp-utils-debuginfo-1.0.5-1.el8.aarch64.rpm gupnp-debuginfo-1.0.6-1.el8.aarch64.rpm gupnp-debugsource-1.0.6-1.el8.aarch64.rpm gupnp-devel-1.0.6-1.el8.aarch64.rpm

    noarch: gssdp-docs-1.0.5-1.el8.noarch.rpm

    ppc64le: gssdp-debuginfo-1.0.5-1.el8.ppc64le.rpm gssdp-debugsource-1.0.5-1.el8.ppc64le.rpm gssdp-devel-1.0.5-1.el8.ppc64le.rpm gssdp-utils-debuginfo-1.0.5-1.el8.ppc64le.rpm gupnp-debuginfo-1.0.6-1.el8.ppc64le.rpm gupnp-debugsource-1.0.6-1.el8.ppc64le.rpm gupnp-devel-1.0.6-1.el8.ppc64le.rpm

    s390x: gssdp-debuginfo-1.0.5-1.el8.s390x.rpm gssdp-debugsource-1.0.5-1.el8.s390x.rpm gssdp-devel-1.0.5-1.el8.s390x.rpm gssdp-utils-debuginfo-1.0.5-1.el8.s390x.rpm gupnp-debuginfo-1.0.6-1.el8.s390x.rpm gupnp-debugsource-1.0.6-1.el8.s390x.rpm gupnp-devel-1.0.6-1.el8.s390x.rpm

    x86_64: gssdp-debuginfo-1.0.5-1.el8.i686.rpm gssdp-debuginfo-1.0.5-1.el8.x86_64.rpm gssdp-debugsource-1.0.5-1.el8.i686.rpm gssdp-debugsource-1.0.5-1.el8.x86_64.rpm gssdp-devel-1.0.5-1.el8.i686.rpm gssdp-devel-1.0.5-1.el8.x86_64.rpm gssdp-utils-debuginfo-1.0.5-1.el8.i686.rpm gssdp-utils-debuginfo-1.0.5-1.el8.x86_64.rpm gupnp-debuginfo-1.0.6-1.el8.i686.rpm gupnp-debuginfo-1.0.6-1.el8.x86_64.rpm gupnp-debugsource-1.0.6-1.el8.i686.rpm gupnp-debugsource-1.0.6-1.el8.x86_64.rpm gupnp-devel-1.0.6-1.el8.i686.rpm gupnp-devel-1.0.6-1.el8.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2020-12695 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iQIVAwUBYKPxUtzjgjWX9erEAQhZhw//Ypgq/0qu2SS/hw8alPmqQ6CG5C/xOqF6 uJL5HVQ+KPu8Go+UifB3xP3Izm9GYh9aNpcR3bPTx3NsfJdQyzPNSo8O2bC3mUBl Lw6Bh++uhaNx3ADaKfceEG5teXbkwAadSft0W7j9jiY70qjVWfvqKjzBS3UyOL/P ++SdPU96uOX9nAkeT3wqirWjXDjUMJLao6AvRtXOXJ2MNwJp436S/KemSkMq2Mg7 izSYf7Biojg5SMNM4rsFBSnIqmehomfsVFetttHImCfTYteTfddti42gMelZyG8k MK4CJw1DeR1e30teWaHnoVa9xAPJMKx56RG3/Wr+6Y5nK0rFZoZuMiJn2b7KodcH fYbfxkwrQQ/R9bYZn03YgCz4zl/hetsoITKFHcsPNB9qtdRdtQhYzeOG+AyiawWh YtF3vlomMlaxuOZV9zTJUIWZX/ev6wWx8VsXuHKMBwtBxO7l3M0Hd+BOxRPVE/mu m+DBcBQp7fvaw55tCAQtHS3CKvgGYijDvOFHBOkQw5Zh9ttdfLlKo4H4NU0W4dLN HJWuKGelB2vGc0eoqZ7yCi2xuWBYxjDIoYGzlwPJSnrrguqeLfOKVykja8AYpIET V/XCUk/geIiEbSRwAR8EPXDpTLLicGrR6pbekpMfALm/GGc5I4RyA9AbVNJ9fF+a 7bb2GlcOcWo=2GSN -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . (CVE-2020-12695)

    It was discovered that ReadyMedia (MiniDLNA) allowed remote code execution. ========================================================================= Ubuntu Security Notice USN-4734-2 February 16, 2021

    wpa vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 14.04 ESM

    Summary:

    Several security issues were fixed in wpa_supplicant and hostapd.

    Software Description: - wpa: client support for WPA and WPA2

    Details:

    USN-4734-1 fixed several vulnerabilities in wpa_supplicant. This update provides the corresponding update for Ubuntu 14.04 ESM.

    It was discovered that wpa_supplicant did not properly handle P2P (Wi-Fi Direct) group information in some situations, leading to a heap overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-0326)

    It was discovered that hostapd did not properly handle UPnP subscribe messages in some circumstances. An attacker could use this to cause a denial of service. (CVE-2020-12695)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 14.04 ESM: hostapd 1:2.1-0ubuntu1.7+esm3 wpasupplicant 2.1-0ubuntu1.7+esm3

    After a standard system update you need to reboot your computer to make all the necessary changes.

    For the stable distribution (buster), these problems have been fixed in version 2:2.7+git20190128+0c1e29f-6+deb10u3.

    We recommend that you upgrade your wpa packages.

    For the detailed security status of wpa please refer to its security tracker page at: https://security-tracker.debian.org/tracker/wpa

    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmCBxcZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0QRbw//chJxW9vhszfe/MrHkuEBC/y0jzkQ0GxJG/DT+EXvHnq8KyVht92B81sU Ia860UeNygOY1vAe8izNVpxPEi1PpI7Y6VfvqcWC5dMFNEmOk8yMzJXPDYtwrO3b q7Fq6MJys6HTooIInCVjdwVTmvVfocEiOl2Oy+smBE8ylkUPIShJj+UsnBR3qMCB 9IoxgeFsHl4HpRzsC1uiTMmNPUqqychqzyn26aA+Vp5nfPkvpsSc6aA68BBUm529 5udANpQneYrsQ+EKMm2wQmw9xNWbrqzRUCmi/XGxJ5YEibOjMLZeBMWq35MRQKDS BaaEPbjPMbBP7p6yp795pdt/XgNL1cJPejEBBQWPs3PrRuW/inhjJbSvenPl5AIB wOV8OzoxDw0m5DdYr2IuYRNu3zt743e/v5oDhDOiSteBl7zjs4cUohfOryaH/htN 7Ok3BbhfVc7xfW/XhXNq2axXPGDdSOI3Y6ZXPgiTlX3eIm8Culg7Rm52JprbAc0a aP0pkGjHO3MAIsvRU/H7WGJbhCdS0i/XTAbuJming5zzCpigGaQG9wOawYH4lNJV BNEX/DjjcsZ4oETxWn0sG/LVIl3m2TCry2cayZsy8806nTqlhFS2py5tx6gn5NBi e5JGaYRgwa6TUxj4UjWnbdIKMpElbtXbMIOHSvG2Gnx/21siyg0= =CU/j -----END PGP SIGNATURE----- . In addition minidlna was susceptible to the "CallStranger" UPnP vulnerability

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-0391",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "envy photo 7100 z3m52a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "windows 10",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": "deskjet ink advantage 4538 f0v66b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 7640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy pro 6452 5se47a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "5020 z4a69a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 6055 5se16a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 6232 k7g26b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 110 cq809c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 120 cz022c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4500 a9t80a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4525 k9t09b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5541 k7g89a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 6222 y0k13d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4516 k9h52a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy pro 6420 5se45b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5646 f8b05a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4505 a9t86a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "officejet 4652 k9v84b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "officejet 4652 f1j02a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 6540 b9s59a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "deskjet ink advantage 3545 a9t81a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "32"
          },
          {
            "model": "xp-702",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "envy 4507 e6g70b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 7100 k7g93a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4508 e6g72b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4520 e6g67b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 111 cq810a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 6234 k7s21b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 7800 k7r96a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 7645 e4w44a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "deskjet ink advantage 4675 f1h97c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "officejet 4652 f1j05b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "xp-960",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "dvg-n5412sp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "dlink",
            "version": null
          },
          {
            "model": "5034 z4a74a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 6200 k7g26b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "officejet 4656 k9v81b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5540 f2e72a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4503 e6g71b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "deskjet ink advantage 4518",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 100 cn517a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5000 m2u91a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5543 n9u88a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 7644 e4w46a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 6200 y0k15a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "adsl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": null
          },
          {
            "model": "envy 6052 5se18a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 7100 z3m37a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "deskjet ink advantage 3548 a9t81b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5000 z4a74a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4522 f0v67a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "deskjet ink advantage 4535 f0v64b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 100 cn519a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4520 f0v63b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 7155 z3m52a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 6200 k7g18a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 114 cq811b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5664 f8b08a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "hg532e",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "envy 4523 j6u60b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "amg1202-t10b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "envy 5020 m2u91b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 110 cq809b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 7800 k7s00a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5542 k7c88a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "officejet 4657 v6d29b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "hg255s",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "envy 4500 a9t80b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4521 k9t10b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "deskjet ink advantage 4515",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "deskjet ink advantage 4675 f1h97b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 7164 k7g99a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5540 g0v52a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4512 k9h49a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "xp-320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "envy 6020 5se17a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "xp-2101",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "envy 100 cn517b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "xp-241",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "deskjet ink advantage 3456 a9t84c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4500 d3p93a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "5030 z4a70a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 100 cn517c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5540 g0v53a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "wap351",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "envy 5534",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "5660 f8b04a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "xp-620",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "deskjet ink advantage 3545 a9t81c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4520 f0v69a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4501 c8d05a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5535",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 6222 y0k14d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4511 k9h50a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "ep-101",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "deskjet ink advantage 4675 f1h97a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5642 b9s64a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "zxv10 w300",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "zte",
            "version": null
          },
          {
            "model": "envy 5540 g0v47a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4500 a9t89a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4509 d3p94b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5539",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 7800 y0g52b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "deskjet ink advantage 3545 a9t83b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "officejet 4650 e6g87a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 7120 z3m41d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "deskjet ink advantage 4676 f1h98a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4524 f0v72b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 120 cz022a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 110 cq809d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "wr8165n",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nec",
            "version": null
          },
          {
            "model": "envy 110 cq812c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "deskjet ink advantage 5575 g0v48b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "officejet 4655 k9v79a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "officejet 4654 f1j06b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 120 cz022b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "wap150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "envy 5640 b9s56a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4504 a9t88b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "xp-330",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "envy pro 6420 6wd16a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4520 f0v63a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4526 k9t05b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "officejet 4650 f1h96a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4502 a9t87b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "officejet 4650 f1h96b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy pro 6455 5se45a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 7822 y0g43d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "xp-4105",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "selphy cp1200",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canon",
            "version": null
          },
          {
            "model": "xp-100",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "envy 5643 b9s63a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "deskjet ink advantage 4535 f0v64a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "officejet 4655 f1j00a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 110 cq809a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "10.0"
          },
          {
            "model": "archer c50",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tp link",
            "version": null
          },
          {
            "model": "envy photo 6220 k7g20d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "xp-8600",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "wnhde111",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "officejet 4654 f1j07b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "xp-2105",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "envy 5531",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 6200 k7s21b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4524 k9t01a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "31"
          },
          {
            "model": "envy 5544 k7c93a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "hostapd",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0.0"
          },
          {
            "model": "officejet 4655 k9v82b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "xp-340",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "model": "envy 4524 f0v71b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 7100 3xd89a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4528 k9t08b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5530",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "xp-440",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "envy photo 6200 y0k13d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 6230 k7g25b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 114 cq812a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "deskjet ink advantage 4536 f0v65a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4502 a9t85a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5548 k7g87a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "ew-m970a3t",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "envy 5000 m2u94b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 6020 6wd35a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "officejet 4658 v6d30b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 100 cn519b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "rt-n11",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "asus",
            "version": null
          },
          {
            "model": "deskjet ink advantage 3546 a9t82a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4513 k9h51a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 6020 7cz37a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 6220 k7g21b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5000 m2u91a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": "*"
          },
          {
            "model": "vmg8324-b10a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "unifi controller",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ui",
            "version": null
          },
          {
            "model": "xp-4100",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "deskjet ink advantage 5575 g0v48c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5546 k7c90a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5644 b9s65a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "20.04"
          },
          {
            "model": "envy 6020 5se16b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 7800 k7s10d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5547 j6u64a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 7800 y0g42d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4520 e6g67a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5540 g0v51a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "zonedirector 1200",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ruckussecurity",
            "version": null
          },
          {
            "model": "envy 5000 z4a54a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "b1165nfw",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "dell",
            "version": null
          },
          {
            "model": "deskjet ink advantage 4678 f1h99b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5000 m2u85b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy pro 6420 6wd14a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "xbox one",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "10.0.19041.2494"
          },
          {
            "model": "envy 5532",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4504 c8d04a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5544 k7c89a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "xp-970",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "envy photo 7830 y0g50b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5640 b9s58a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "wap131",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "xp-8500",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "5030 m2u92b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "deskjet ink advantage 4535 f0v64c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4509 d3p94a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5536",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5665 f8b06a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5000 m2u85a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 100 cn518a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 5540 k7c85a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "xp-630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "envy 5545 g0v50a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 7100 k7g99a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 114 cq811a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "m571t",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "epson",
            "version": null
          },
          {
            "model": "envy pro 6420 5se46a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 7822 y0g42d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy photo 6252 k7g22a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "envy 4527 j6u61b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": null
          },
          {
            "model": "rt-n11",
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": "adsl",
            "scope": null,
            "trust": 0.8,
            "vendor": "broadcom",
            "version": null
          },
          {
            "model": "dvg-n5412sp",
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "model": "unifi controller",
            "scope": null,
            "trust": 0.8,
            "vendor": "ubiquiti",
            "version": null
          },
          {
            "model": "hostapd",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "selphy cp1200",
            "scope": null,
            "trust": 0.8,
            "vendor": "canon",
            "version": null
          },
          {
            "model": "wap131",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "wap150",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "wap351",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "b1165nfw",
            "scope": null,
            "trust": 0.8,
            "vendor": "dell",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006708"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12695"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:ui:unifi_controller:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2.0.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:asus:rt-n11:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:broadcom:adsl:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:canon:selphy_cp1200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:wap150:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:wap351:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:wap131:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:dlink:dvg-n5412sp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:dell:b1165nfw:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:ew-m970a3t:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:ep-101:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:xp-8500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:xp-702:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:xp-340:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:xp-620:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:xp-320:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:xp-960:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:xp-2101:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:xp-330:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:xp-2105:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:xp-100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:xp-630:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:xp-8600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:xp-4105:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:xp-241:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:xp-4100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:xp-970:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:xp-440:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:m571t:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5000_m2u85a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5000_m2u85b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5000_m2u91a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5000_m2u94b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5000_z4a54a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5000_z4a74a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_6200_k7g18a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_6200_k7g26b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_6200_k7s21b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_6200_y0k13d_:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_6200_y0k15a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_7100_3xd89a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_7100_k7g93a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_7100_k7g99a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_7100_z3m37a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_7100_z3m52a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_7800_k7r96a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_7800_k7s00a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_7800_k7s10d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_7800_y0g42d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_7800_y0g52b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5020_m2u91b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_114_cq811a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_114_cq811b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_114_cq812a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_111_cq810a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_110_cq809c:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_110_cq809a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_110_cq809b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_110_cq809d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_110_cq812c:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_100_cn517a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_100_cn517b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_100_cn517c:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_100_cn518a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_100_cn519a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_100_cn519b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5000_m2u91a:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_pro_6420_5se45b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_pro_6420_5se46a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_pro_6420_6wd14a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_pro_6420_6wd16a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_pro_6452_5se47a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_pro_6455_5se45a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:5020_z4a69a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:5030_m2u92b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:5030_z4a70a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:5034_z4a74a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:5660_f8b04a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5665_f8b06a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5664_f8b08a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_7640:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_7644_e4w46a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_7645_e4w44a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5640_b9s56a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5640_b9s58a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_6540_b9s59a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5642_b9s64a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5643_b9s63a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5644_b9s65a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5646_f8b05a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5540_f2e72a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5540_g0v47a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5540_g0v52a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5540_g0v51a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5540_g0v53a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5540_k7c85a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5541_k7g89a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5542_k7c88a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5543_n9u88a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5544_k7c89a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5544_k7c93a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5545_g0v50a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5546_k7c90a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5547_j6u64a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5548_k7g87a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48c:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64c:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4536_f0v65a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4538_f0v66b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97c:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4676_f1h98a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4678_f1h99b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4511_k9h50a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4512_k9h49a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4513_k9h51a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4516_k9h52a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4520_e6g67a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4520_e6g67b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4520_f0v63a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4520_f0v63b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4520_f0v69a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4521_k9t10b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4522_f0v67a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4523_j6u60b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4524_f0v71b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4524_f0v72b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4524_k9t01a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4525_k9t09b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4526_k9t05b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4527_j6u61b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4528_k9t08b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:officejet_4650_e6g87a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:officejet_4650_f1h96a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:officejet_4650_f1h96b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:officejet_4652_f1j02a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:officejet_4652_k9v84b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:officejet_4652_f1j05b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:officejet_4654_f1j07b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:officejet_4654_f1j06b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:officejet_4655_f1j00a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:officejet_4655_k9v79a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:officejet_4655_k9v82b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:officejet_4656_k9v81b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:officejet_4657_v6d29b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:officejet_4658_v6d30b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5530:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5536:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5531:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5539:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5532:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4515:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5534:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4518:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_5535:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81c:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t83b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_3546_a9t82a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_3456_a9t84c:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_3548_a9t81b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4509_d3p94a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4509_d3p94b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4501_c8d05a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4502_a9t85a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4502_a9t87b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4503_e6g71b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4504_a9t88b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4504_c8d04a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4505_a9t86a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4507_e6g70b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4508_e6g72b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4500_a9t80a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4500_a9t80b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4500_a9t89a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_4500_d3p93a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_120_cz022a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_120_cz022b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_120_cz022c:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_6220_k7g20d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_6220_k7g21b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_6230_k7g25b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_6232_k7g26b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_6234_k7s21b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_6252_k7g22a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_6222_y0k13d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_6222_y0k14d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_7830_y0g50b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_7822_y0g42d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_7822_y0g43d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_7120_z3m41d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_7155_z3m52a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_photo_7164_k7g99a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_6020_5se16b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_6020_5se17a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_6020_6wd35a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_6020_7cz37a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_6052_5se18a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:hp:envy_6055_5se16a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:hg532e:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:hg255s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:nec:wr8165n:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:netgear:wnhde111:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:ruckussecurity:zonedirector_1200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:tp-link:archer_c50:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zte:zxv10_w300:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:vmg8324-b10a:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:amg1202-t10b:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:xbox_one:10.0.19041.2494:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-12695"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "This vulnerability was reported by Yunus \u00c7adirci from EY Turkey. This document was written by Vijay Sarvepalli. ",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#339275"
          }
        ],
        "trust": 0.8
      },
      "cve": "CVE-2020-12695",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "impactScore": 7.8,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 7.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006708",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-165399",
                "impactScore": 7.8,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULMON",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2020-12695",
                "impactScore": 7.8,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "HIGH",
                "trust": 0.1,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.2,
                "impactScore": 4.7,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006708",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2020-12695",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006708",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-597",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-165399",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-12695",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-165399"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-12695"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006708"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-597"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12695"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. The Universal Plug and Play (UPnP) protocol in effect prior to April 17, 2020 can be abused to send traffic to arbitrary destinations using the SUBSCRIBE functionality. The UPnP protocol, as specified by the Open Connectivity Foundation (OCF), is designed to provide  automatic  discovery and interaction with devices on a network. The UPnP protocol is designed to be used in a trusted local area network (LAN) and the protocol does not implement any form of authentication or verification. Many common Internet-connected devices support UPnP, as noted in previous research from Daniel Garcia (VU#357851) and Rapid7. Garcia presented at DEFCON 2019 and published a scanning and portmapping tool. The UPnP Device Protection service was not widely adopted. A vulnerability in the UPnP SUBSCRIBE capability permits an attacker to send large amounts of data to arbitrary destinations accessible over the Internet, which could lead to a Distributed Denial of Service (DDoS), data exfiltration, and other unexpected network behavior. The OCF has updated the UPnP specification to address this issue. This vulnerability has been assigned  CVE-2020-12695 and is also known as Call Stranger. Although offering UPnP services on the Internet is generally considered to be a misconfiguration, a number of devices are still available over the Internet according to a  recent Shodan scan. A remote, unauthenticated attacker may be able to abuse the UPnP SUBSCRIBE capability to send traffic to arbitrary destinations, leading to amplified DDoS attacks and data exfiltration. In general, making UPnP available over the the Internet can pose further security vulnerabilities than the one described in this vulnerability note. Open Connectivity Foundation UPnP There is a vulnerability in the specification regarding improper default permissions.Information is obtained and service operation is interrupted (DoS) It may be put into a state. A security vulnerability exists in UPnP versions prior to 2020-04-17. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n====================================================================                   \nRed Hat Security Advisory\n\nSynopsis:          Moderate: gssdp and gupnp security update\nAdvisory ID:       RHSA-2021:1789-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2021:1789\nIssue date:        2021-05-18\nCVE Names:         CVE-2020-12695\n====================================================================\n1. Summary:\n\nAn update for gssdp and gupnp is now available for Red Hat Enterprise Linux\n8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat CodeReady Linux Builder (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64\n\n3. Description:\n\nGUPnP is an object-oriented open source framework for creating UPnP devices\nand control points, written in C using GObject and libsoup. The GUPnP API\nis intended to be easy to use, efficient and flexible. \n\nGSSDP implements resource discovery and announcement over SSDP and is part\nof gUPnP. \n\nThe following packages have been upgraded to a later upstream version:\ngssdp (1.0.5), gupnp (1.0.6). (BZ#1846589, BZ#1861928)\n\nSecurity Fix(es):\n\n* hostapd: UPnP SUBSCRIBE misbehavior in WPS AP (CVE-2020-12695)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.4 Release Notes linked from the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1846006 - CVE-2020-12695 hostapd: UPnP SUBSCRIBE misbehavior in WPS AP\n\n6. Package List:\n\nRed Hat Enterprise Linux AppStream (v. 8):\n\nSource:\ngssdp-1.0.5-1.el8.src.rpm\ngupnp-1.0.6-1.el8.src.rpm\n\naarch64:\ngssdp-1.0.5-1.el8.aarch64.rpm\ngssdp-debuginfo-1.0.5-1.el8.aarch64.rpm\ngssdp-debugsource-1.0.5-1.el8.aarch64.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.aarch64.rpm\ngupnp-1.0.6-1.el8.aarch64.rpm\ngupnp-debuginfo-1.0.6-1.el8.aarch64.rpm\ngupnp-debugsource-1.0.6-1.el8.aarch64.rpm\n\nppc64le:\ngssdp-1.0.5-1.el8.ppc64le.rpm\ngssdp-debuginfo-1.0.5-1.el8.ppc64le.rpm\ngssdp-debugsource-1.0.5-1.el8.ppc64le.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.ppc64le.rpm\ngupnp-1.0.6-1.el8.ppc64le.rpm\ngupnp-debuginfo-1.0.6-1.el8.ppc64le.rpm\ngupnp-debugsource-1.0.6-1.el8.ppc64le.rpm\n\ns390x:\ngssdp-1.0.5-1.el8.s390x.rpm\ngssdp-debuginfo-1.0.5-1.el8.s390x.rpm\ngssdp-debugsource-1.0.5-1.el8.s390x.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.s390x.rpm\ngupnp-1.0.6-1.el8.s390x.rpm\ngupnp-debuginfo-1.0.6-1.el8.s390x.rpm\ngupnp-debugsource-1.0.6-1.el8.s390x.rpm\n\nx86_64:\ngssdp-1.0.5-1.el8.i686.rpm\ngssdp-1.0.5-1.el8.x86_64.rpm\ngssdp-debuginfo-1.0.5-1.el8.i686.rpm\ngssdp-debuginfo-1.0.5-1.el8.x86_64.rpm\ngssdp-debugsource-1.0.5-1.el8.i686.rpm\ngssdp-debugsource-1.0.5-1.el8.x86_64.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.i686.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.x86_64.rpm\ngupnp-1.0.6-1.el8.i686.rpm\ngupnp-1.0.6-1.el8.x86_64.rpm\ngupnp-debuginfo-1.0.6-1.el8.i686.rpm\ngupnp-debuginfo-1.0.6-1.el8.x86_64.rpm\ngupnp-debugsource-1.0.6-1.el8.i686.rpm\ngupnp-debugsource-1.0.6-1.el8.x86_64.rpm\n\nRed Hat CodeReady Linux Builder (v. 8):\n\naarch64:\ngssdp-debuginfo-1.0.5-1.el8.aarch64.rpm\ngssdp-debugsource-1.0.5-1.el8.aarch64.rpm\ngssdp-devel-1.0.5-1.el8.aarch64.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.aarch64.rpm\ngupnp-debuginfo-1.0.6-1.el8.aarch64.rpm\ngupnp-debugsource-1.0.6-1.el8.aarch64.rpm\ngupnp-devel-1.0.6-1.el8.aarch64.rpm\n\nnoarch:\ngssdp-docs-1.0.5-1.el8.noarch.rpm\n\nppc64le:\ngssdp-debuginfo-1.0.5-1.el8.ppc64le.rpm\ngssdp-debugsource-1.0.5-1.el8.ppc64le.rpm\ngssdp-devel-1.0.5-1.el8.ppc64le.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.ppc64le.rpm\ngupnp-debuginfo-1.0.6-1.el8.ppc64le.rpm\ngupnp-debugsource-1.0.6-1.el8.ppc64le.rpm\ngupnp-devel-1.0.6-1.el8.ppc64le.rpm\n\ns390x:\ngssdp-debuginfo-1.0.5-1.el8.s390x.rpm\ngssdp-debugsource-1.0.5-1.el8.s390x.rpm\ngssdp-devel-1.0.5-1.el8.s390x.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.s390x.rpm\ngupnp-debuginfo-1.0.6-1.el8.s390x.rpm\ngupnp-debugsource-1.0.6-1.el8.s390x.rpm\ngupnp-devel-1.0.6-1.el8.s390x.rpm\n\nx86_64:\ngssdp-debuginfo-1.0.5-1.el8.i686.rpm\ngssdp-debuginfo-1.0.5-1.el8.x86_64.rpm\ngssdp-debugsource-1.0.5-1.el8.i686.rpm\ngssdp-debugsource-1.0.5-1.el8.x86_64.rpm\ngssdp-devel-1.0.5-1.el8.i686.rpm\ngssdp-devel-1.0.5-1.el8.x86_64.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.i686.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.x86_64.rpm\ngupnp-debuginfo-1.0.6-1.el8.i686.rpm\ngupnp-debuginfo-1.0.6-1.el8.x86_64.rpm\ngupnp-debugsource-1.0.6-1.el8.i686.rpm\ngupnp-debugsource-1.0.6-1.el8.x86_64.rpm\ngupnp-devel-1.0.6-1.el8.i686.rpm\ngupnp-devel-1.0.6-1.el8.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2020-12695\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYKPxUtzjgjWX9erEAQhZhw//Ypgq/0qu2SS/hw8alPmqQ6CG5C/xOqF6\nuJL5HVQ+KPu8Go+UifB3xP3Izm9GYh9aNpcR3bPTx3NsfJdQyzPNSo8O2bC3mUBl\nLw6Bh++uhaNx3ADaKfceEG5teXbkwAadSft0W7j9jiY70qjVWfvqKjzBS3UyOL/P\n++SdPU96uOX9nAkeT3wqirWjXDjUMJLao6AvRtXOXJ2MNwJp436S/KemSkMq2Mg7\nizSYf7Biojg5SMNM4rsFBSnIqmehomfsVFetttHImCfTYteTfddti42gMelZyG8k\nMK4CJw1DeR1e30teWaHnoVa9xAPJMKx56RG3/Wr+6Y5nK0rFZoZuMiJn2b7KodcH\nfYbfxkwrQQ/R9bYZn03YgCz4zl/hetsoITKFHcsPNB9qtdRdtQhYzeOG+AyiawWh\nYtF3vlomMlaxuOZV9zTJUIWZX/ev6wWx8VsXuHKMBwtBxO7l3M0Hd+BOxRPVE/mu\nm+DBcBQp7fvaw55tCAQtHS3CKvgGYijDvOFHBOkQw5Zh9ttdfLlKo4H4NU0W4dLN\nHJWuKGelB2vGc0eoqZ7yCi2xuWBYxjDIoYGzlwPJSnrrguqeLfOKVykja8AYpIET\nV/XCUk/geIiEbSRwAR8EPXDpTLLicGrR6pbekpMfALm/GGc5I4RyA9AbVNJ9fF+a\n7bb2GlcOcWo=2GSN\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. (CVE-2020-12695)\n\nIt was discovered that ReadyMedia (MiniDLNA) allowed remote code execution. =========================================================================\nUbuntu Security Notice USN-4734-2\nFebruary 16, 2021\n\nwpa vulnerabilities\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant and hostapd. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nUSN-4734-1 fixed several vulnerabilities in wpa_supplicant. This\nupdate provides the corresponding update for Ubuntu 14.04 ESM. \n\nIt was discovered that wpa_supplicant did not properly handle P2P\n(Wi-Fi Direct) group information in some situations, leading to a\nheap overflow. A physically proximate attacker could use this to cause a\ndenial of service or possibly execute arbitrary code. (CVE-2021-0326)\n\nIt was discovered that hostapd did not properly handle UPnP subscribe\nmessages in some circumstances. An attacker could use this to cause a\ndenial of service. (CVE-2020-12695)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 ESM:\n  hostapd                         1:2.1-0ubuntu1.7+esm3\n  wpasupplicant                   2.1-0ubuntu1.7+esm3\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 2:2.7+git20190128+0c1e29f-6+deb10u3. \n\nWe recommend that you upgrade your wpa packages. \n\nFor the detailed security status of wpa please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/wpa\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmCBxcZfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0QRbw//chJxW9vhszfe/MrHkuEBC/y0jzkQ0GxJG/DT+EXvHnq8KyVht92B81sU\nIa860UeNygOY1vAe8izNVpxPEi1PpI7Y6VfvqcWC5dMFNEmOk8yMzJXPDYtwrO3b\nq7Fq6MJys6HTooIInCVjdwVTmvVfocEiOl2Oy+smBE8ylkUPIShJj+UsnBR3qMCB\n9IoxgeFsHl4HpRzsC1uiTMmNPUqqychqzyn26aA+Vp5nfPkvpsSc6aA68BBUm529\n5udANpQneYrsQ+EKMm2wQmw9xNWbrqzRUCmi/XGxJ5YEibOjMLZeBMWq35MRQKDS\nBaaEPbjPMbBP7p6yp795pdt/XgNL1cJPejEBBQWPs3PrRuW/inhjJbSvenPl5AIB\nwOV8OzoxDw0m5DdYr2IuYRNu3zt743e/v5oDhDOiSteBl7zjs4cUohfOryaH/htN\n7Ok3BbhfVc7xfW/XhXNq2axXPGDdSOI3Y6ZXPgiTlX3eIm8Culg7Rm52JprbAc0a\naP0pkGjHO3MAIsvRU/H7WGJbhCdS0i/XTAbuJming5zzCpigGaQG9wOawYH4lNJV\nBNEX/DjjcsZ4oETxWn0sG/LVIl3m2TCry2cayZsy8806nTqlhFS2py5tx6gn5NBi\ne5JGaYRgwa6TUxj4UjWnbdIKMpElbtXbMIOHSvG2Gnx/21siyg0=\n=CU/j\n-----END PGP SIGNATURE-----\n. In addition minidlna was susceptible to the\n\"CallStranger\" UPnP vulnerability",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-12695"
          },
          {
            "db": "CERT/CC",
            "id": "VU#339275"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006708"
          },
          {
            "db": "VULHUB",
            "id": "VHN-165399"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-12695"
          },
          {
            "db": "PACKETSTORM",
            "id": "162672"
          },
          {
            "db": "PACKETSTORM",
            "id": "159172"
          },
          {
            "db": "PACKETSTORM",
            "id": "161288"
          },
          {
            "db": "PACKETSTORM",
            "id": "161444"
          },
          {
            "db": "PACKETSTORM",
            "id": "161397"
          },
          {
            "db": "PACKETSTORM",
            "id": "169049"
          },
          {
            "db": "PACKETSTORM",
            "id": "168951"
          }
        ],
        "trust": 3.15
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-12695",
            "trust": 4.1
          },
          {
            "db": "CERT/CC",
            "id": "VU#339275",
            "trust": 3.3
          },
          {
            "db": "PACKETSTORM",
            "id": "158051",
            "trust": 1.7
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2020/06/08/2",
            "trust": 1.7
          },
          {
            "db": "PACKETSTORM",
            "id": "161288",
            "trust": 0.8
          },
          {
            "db": "PACKETSTORM",
            "id": "162672",
            "trust": 0.8
          },
          {
            "db": "PACKETSTORM",
            "id": "159172",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006708",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-597",
            "trust": 0.7
          },
          {
            "db": "CS-HELP",
            "id": "SB2021122905",
            "trust": 0.6
          },
          {
            "db": "CS-HELP",
            "id": "SB2021052202",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.1382",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.0575",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.4315",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.1728",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.0417",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.4372",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2705",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.4315.2",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2733",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.3160",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "161444",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "161397",
            "trust": 0.2
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-37941",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-165399",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-12695",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "169049",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "168951",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#339275"
          },
          {
            "db": "VULHUB",
            "id": "VHN-165399"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-12695"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006708"
          },
          {
            "db": "PACKETSTORM",
            "id": "162672"
          },
          {
            "db": "PACKETSTORM",
            "id": "159172"
          },
          {
            "db": "PACKETSTORM",
            "id": "161288"
          },
          {
            "db": "PACKETSTORM",
            "id": "161444"
          },
          {
            "db": "PACKETSTORM",
            "id": "161397"
          },
          {
            "db": "PACKETSTORM",
            "id": "169049"
          },
          {
            "db": "PACKETSTORM",
            "id": "168951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-597"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12695"
          }
        ]
      },
      "id": "VAR-202006-0391",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-165399"
          }
        ],
        "trust": 0.6333333333333333
      },
      "last_update_date": "2024-07-23T21:20:57.987000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "RT-N11",
            "trust": 0.8,
            "url": "https://www.asus.com/us/networking/rtn11/"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.broadcom.com/"
          },
          {
            "title": "Canon SELPHY CP1200",
            "trust": 0.8,
            "url": "https://en.canon-me.com/support/consumer_products/products/printers/compact_photo/cd__cp_series/selphy_cp1200.html?type=drivers\u0026language=\u0026os=windows%208.1%20(64-bit)"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.cisco.com/c/en/us/index.html"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://us.dlink.com/en/consumer"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.dell.com/en-us"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://community.ui.com/"
          },
          {
            "title": "hostapd",
            "trust": 0.8,
            "url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-013311.html"
          },
          {
            "title": "Debian CVElist Bug Report Logs: wpa: CVE-2020-12695",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=cdef40da4b3b6b2f4fcf08e447d20494"
          },
          {
            "title": "Debian Security Advisories: DSA-4806-1 minidlna -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=5e0b1e00748aee507290bde9650370c7"
          },
          {
            "title": "Arch Linux Advisories: [ASA-202012-16] hostapd: proxy injection",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-202012-16"
          },
          {
            "title": "Debian Security Advisories: DSA-4898-1 wpa -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=2832d7aeef980951ddf42089219be7b3"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2020-12695 log"
          },
          {
            "title": "awesome-from-stars",
            "trust": 0.1,
            "url": "https://github.com/krzemienski/awesome-from-stars "
          },
          {
            "title": "callstranger-detector",
            "trust": 0.1,
            "url": "https://github.com/corelight/callstranger-detector "
          },
          {
            "title": "CallStranger",
            "trust": 0.1,
            "url": "https://github.com/yunuscadirci/callstranger "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/xcod3bughunt3r/callstranger "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/yunuscadirci/dialstranger "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/aoeii/asuswrt-for-tenda-ac9-router "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-12695"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006708"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-276",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-165399"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006708"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12695"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "https://www.kb.cert.org/vuls/id/339275"
          },
          {
            "trust": 2.5,
            "url": "https://github.com/yunuscadirci/callstranger"
          },
          {
            "trust": 2.5,
            "url": "https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of"
          },
          {
            "trust": 2.3,
            "url": "http://packetstormsecurity.com/files/158051/callstranger-upnp-vulnerability-checker.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.debian.org/security/2020/dsa-4806"
          },
          {
            "trust": 1.7,
            "url": "https://www.debian.org/security/2021/dsa-4898"
          },
          {
            "trust": 1.7,
            "url": "https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek/"
          },
          {
            "trust": 1.7,
            "url": "https://github.com/corelight/callstranger-detector"
          },
          {
            "trust": 1.7,
            "url": "https://www.callstranger.com"
          },
          {
            "trust": 1.7,
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00011.html"
          },
          {
            "trust": 1.7,
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html"
          },
          {
            "trust": 1.7,
            "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.openwall.com/lists/oss-security/2020/06/08/2"
          },
          {
            "trust": 1.7,
            "url": "https://usn.ubuntu.com/4494-1/"
          },
          {
            "trust": 1.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-12695"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/l3shl4lofghj3dixsuiqelgvbdj7v7lb/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/mzdwhkgn3lmgsueoaavamod3iuipjvoj/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/rqeyvy4d7lash6ai4wk3ik2qbfhhf3q2/"
          },
          {
            "trust": 0.8,
            "url": "https://callstranger.com"
          },
          {
            "trust": 0.8,
            "url": "https://openconnectivity.org/developer/specifications/upnp-resources/upnp/"
          },
          {
            "trust": 0.8,
            "url": "https://kb.cert.org/vuls/search/?q=upnp"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12695"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/ta/jvnta95827565/"
          },
          {
            "trust": 0.7,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/rqeyvy4d7lash6ai4wk3ik2qbfhhf3q2/"
          },
          {
            "trust": 0.7,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/mzdwhkgn3lmgsueoaavamod3iuipjvoj/"
          },
          {
            "trust": 0.7,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/l3shl4lofghj3dixsuiqelgvbdj7v7lb/"
          },
          {
            "trust": 0.6,
            "url": "https://www.cybersecurity-help.cz/vdb/sb2021052202"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.4372/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.1728"
          },
          {
            "trust": 0.6,
            "url": "https://packetstormsecurity.com/files/162672/red-hat-security-advisory-2021-1789-01.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.cybersecurity-help.cz/vdb/sb2021122905"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.0417"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.3160/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2733/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.1382"
          },
          {
            "trust": 0.6,
            "url": "https://packetstormsecurity.com/files/159172/ubuntu-security-notice-usn-4494-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.4315.2/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.0575"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2705/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.4315/"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200701-01-upnp-cn"
          },
          {
            "trust": 0.6,
            "url": "https://packetstormsecurity.com/files/161288/ubuntu-security-notice-usn-4722-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/upnp-information-disclosure-via-subscribe-delivery-url-32701"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-0326"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-28926"
          },
          {
            "trust": 0.2,
            "url": "https://usn.ubuntu.com/4734-1"
          },
          {
            "trust": 0.2,
            "url": "https://www.debian.org/security/faq"
          },
          {
            "trust": 0.2,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2020-12695"
          },
          {
            "trust": 0.1,
            "url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#moderate"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2021:1789"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.1,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/gupnp/1.2.3-0ubuntu0.20.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/4494-1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/minidlna/1.2.1+dfsg-1ubuntu0.18.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/minidlna/1.2.1+dfsg-1ubuntu0.20.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/minidlna/1.1.5+dfsg-2ubuntu0.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/minidlna/1.2.1+dfsg-2ubuntu0.1"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/4722-1"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/4734-2"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.7"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2:2.9-1ubuntu8.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2:2.6-15ubuntu2.7"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2:2.9-1ubuntu4.2"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-27803"
          },
          {
            "trust": 0.1,
            "url": "https://security-tracker.debian.org/tracker/wpa"
          },
          {
            "trust": 0.1,
            "url": "https://security-tracker.debian.org/tracker/minidlna"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#339275"
          },
          {
            "db": "VULHUB",
            "id": "VHN-165399"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006708"
          },
          {
            "db": "PACKETSTORM",
            "id": "162672"
          },
          {
            "db": "PACKETSTORM",
            "id": "159172"
          },
          {
            "db": "PACKETSTORM",
            "id": "161288"
          },
          {
            "db": "PACKETSTORM",
            "id": "161444"
          },
          {
            "db": "PACKETSTORM",
            "id": "161397"
          },
          {
            "db": "PACKETSTORM",
            "id": "169049"
          },
          {
            "db": "PACKETSTORM",
            "id": "168951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-597"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12695"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#339275"
          },
          {
            "db": "VULHUB",
            "id": "VHN-165399"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-12695"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006708"
          },
          {
            "db": "PACKETSTORM",
            "id": "162672"
          },
          {
            "db": "PACKETSTORM",
            "id": "159172"
          },
          {
            "db": "PACKETSTORM",
            "id": "161288"
          },
          {
            "db": "PACKETSTORM",
            "id": "161444"
          },
          {
            "db": "PACKETSTORM",
            "id": "161397"
          },
          {
            "db": "PACKETSTORM",
            "id": "169049"
          },
          {
            "db": "PACKETSTORM",
            "id": "168951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-597"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12695"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-08T00:00:00",
            "db": "CERT/CC",
            "id": "VU#339275"
          },
          {
            "date": "2020-06-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-165399"
          },
          {
            "date": "2020-06-08T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-12695"
          },
          {
            "date": "2020-07-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006708"
          },
          {
            "date": "2021-05-19T14:10:26",
            "db": "PACKETSTORM",
            "id": "162672"
          },
          {
            "date": "2020-09-15T17:05:32",
            "db": "PACKETSTORM",
            "id": "159172"
          },
          {
            "date": "2021-02-04T21:34:49",
            "db": "PACKETSTORM",
            "id": "161288"
          },
          {
            "date": "2021-02-16T23:41:17",
            "db": "PACKETSTORM",
            "id": "161444"
          },
          {
            "date": "2021-02-12T17:29:06",
            "db": "PACKETSTORM",
            "id": "161397"
          },
          {
            "date": "2021-04-28T19:12:00",
            "db": "PACKETSTORM",
            "id": "169049"
          },
          {
            "date": "2020-12-28T20:12:00",
            "db": "PACKETSTORM",
            "id": "168951"
          },
          {
            "date": "2020-06-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-597"
          },
          {
            "date": "2020-06-08T17:15:09.973000",
            "db": "NVD",
            "id": "CVE-2020-12695"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-08T00:00:00",
            "db": "CERT/CC",
            "id": "VU#339275"
          },
          {
            "date": "2021-04-23T00:00:00",
            "db": "VULHUB",
            "id": "VHN-165399"
          },
          {
            "date": "2023-11-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-12695"
          },
          {
            "date": "2020-07-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006708"
          },
          {
            "date": "2023-04-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-597"
          },
          {
            "date": "2024-04-08T22:50:14.587000",
            "db": "NVD",
            "id": "CVE-2020-12695"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "159172"
          },
          {
            "db": "PACKETSTORM",
            "id": "161288"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-597"
          }
        ],
        "trust": 0.8
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Universal Plug and Play (UPnP) SUBSCRIBE can be abused to send traffic to arbitrary destinations",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#339275"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-597"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-0974

    Vulnerability from variot - Updated: 2024-07-23 21:12

    Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). A group key reload vulnerability exists in WPA2 wireless network sleep mode. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Important: wpa_supplicant security update Advisory ID: RHSA-2017:2907-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2907 Issue date: 2017-10-17 CVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 =====================================================================

    1. Summary:

    An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Relevant releases/architectures:

    Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64

    1. Description:

    The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Red Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter of these issues. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    1. Package List:

    Red Hat Enterprise Linux Client (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    aarch64: wpa_supplicant-2.6-5.el7_4.1.aarch64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm

    ppc64: wpa_supplicant-2.6-5.el7_4.1.ppc64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm

    ppc64le: wpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm

    s390x: wpa_supplicant-2.6-5.el7_4.1.s390x.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2017-13077 https://access.redhat.com/security/cve/CVE-2017-13078 https://access.redhat.com/security/cve/CVE-2017-13080 https://access.redhat.com/security/cve/CVE-2017-13082 https://access.redhat.com/security/cve/CVE-2017-13086 https://access.redhat.com/security/cve/CVE-2017-13087 https://access.redhat.com/security/cve/CVE-2017-13088 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kracks

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).

    An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.

    For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.

    For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.

    For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.

    We recommend that you upgrade your wpa packages. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017

    wpa vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 17.04
    • Ubuntu 16.04 LTS
    • Ubuntu 14.04 LTS

    Summary:

    Several security issues were fixed in wpa_supplicant.

    Software Description: - wpa: client support for WPA and WPA2

    Details:

    Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1

    Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2

    Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5

    After a standard system update you need to reboot your computer to make all the necessary changes. 6) - i386, x86_64

    Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+

    Where to find the new packages: +-----------------------------+

    Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

    Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

    Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz

    Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz

    Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz

    Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz

    Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz

    MD5 signatures: +-------------+

    Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz

    Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz

    Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz

    Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz

    Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz

    Installation instructions: +------------------------+

    Upgrade the package as root:

    upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz

    +-----+

    Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

    +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

    ============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project

    Topic: WPA2 protocol vulnerability

    Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088

    For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .

    1. Revision history

    v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.

    I.

    hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.

    II. Problem Description

    A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.

    III. Impact

    Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.

    IV. Workaround

    An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"

    and restart networking.

    An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    hostapd_program="/usr/local/sbin/hostapd"

    and restart hostapd.

    V. Solution

    Perform one of the following:

    1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    2) To update your vulnerable system via a binary patch:

    Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:

    freebsd-update fetch

    freebsd-update install

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    3) To update your vulnerable system via a source code patch:

    The following patches have been verified to apply to the applicable FreeBSD release branches.

    a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

    [FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc

    gpg --verify wpa-11.patch.asc

    [FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc

    gpg --verify wpa-10.patch.asc

    b) Apply the patch. Execute the following commands as root:

    cd /usr/src

    patch < /path/to/patch

    c) Recompile the operating system using buildworld and installworld as described in .

    Restart the applicable daemons, or reboot the system.

    VI. Correction details

    The following list contains the correction revision numbers for each affected branch.

    Branch/path Revision


    stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741


    To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:

    svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

    Or visit the following URL, replacing NNNNNN with the revision number:

    VII. References

    The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE-----

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0974",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "linux enterprise point of sale",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "openstack cloud",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "6"
          },
          {
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.7"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "9front",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "adtran",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "actiontec",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aerohive",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "alcatel lucent",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "android open source",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "arch linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aruba",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "barracuda",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "broadcom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cambium",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "centos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cradlepoint",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cypress semiconductor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dell",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "digi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "draytek",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "edimax computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "endian",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "espressif",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "extreme",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "f secure",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fedora",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hostap",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ipfire",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lancom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lede",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lifx",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lenovo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microchip",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mojo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nest",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opnsense",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "omnirom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "open mesh",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "peplink",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "riverbed",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rockwell automation",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "suse linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "samsung mobile",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sierra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sonos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sony",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sophos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "synology",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "tp link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "texas instruments",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba commerce",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba electronic devices storage",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba memory",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "turris omnia",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubiquiti",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "volumio",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "watchguard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xiaomi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xirrus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zebra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dd wrt",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "eero",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pfsense",
            "version": null
          },
          {
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "model": "freebsd",
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": "leap",
            "scope": null,
            "trust": 0.8,
            "vendor": "opensuse",
            "version": null
          },
          {
            "model": "linux enterprise desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise point of sale",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise server",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "openstack cloud",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "hostapd",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "wpa supplicant",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "edge gateway",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "model": "sr-m20ac1",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "sr-m20ac2",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "alliance wi-fi protected access 2",
            "scope": null,
            "trust": 0.6,
            "vendor": "wi fi",
            "version": null
          },
          {
            "model": "scalance w-700",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux desktop",
            "version": "12"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux server",
            "version": "11"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.1"
          },
          {
            "model": "pyxis supplystation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "sinamics smart access module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "v200"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.27.3264"
          },
          {
            "model": "meraki mr34",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ck71a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2.0"
          },
          {
            "model": "macbook air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18500"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.0"
          },
          {
            "model": "meraki mr26",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "28000"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr84",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "510x0"
          },
          {
            "model": "windows server r2 for itanium-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "contact itc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "81130"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.0.0"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr18",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.3"
          },
          {
            "model": "scalance w1750d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "secure ii med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "210x0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "aironet access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "wap371 wireless-ac n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "contact rad-80211-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "contact fl wlan dap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.25"
          },
          {
            "model": "pyxis medstation es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "wireless ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88210"
          },
          {
            "model": "pyxis stockstation system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "macbook",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.2"
          },
          {
            "model": "scalance wlc712",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "contact fl wlan spa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "meraki mr62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic et200 pro im154-6 pn iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "tropos broadband mesh routers and bridges",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "abb",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.2"
          },
          {
            "model": "meraki mr33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "micros handheld terminal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.2"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4.1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.6"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "110x0"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.4"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": "contact fl comserver wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "232/422/4850"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.8"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7."
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1.91.3272"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.9"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "230802-110"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.1"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr14",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.5"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18150"
          },
          {
            "model": "wireless client bridge 2.0.0.1-aruba501-b00",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.2"
          },
          {
            "model": "airport express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr16",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "clarity engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0"
          },
          {
            "model": "meraki mr30h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "windows server r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "model": "contact bl2 bpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "enterprise linux for ibm z systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "watch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "4.0"
          },
          {
            "model": "ruggedcom rx1400",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "cn70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "pyxis parx handheld",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.40.100"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1.1"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "windows rt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.1"
          },
          {
            "model": "meraki mr42",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.6"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.3"
          },
          {
            "model": "wap561 wireless-n dual radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.26.3000"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6"
          },
          {
            "model": "tvos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2016"
          },
          {
            "model": "contact rad-whg/wlan-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.3"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.4.0"
          },
          {
            "model": "suremark printer 2nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "enterprise linux for power little endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.0.0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.8"
          },
          {
            "model": "windows server for x64-based systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "pyxis supply roller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.3"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3"
          },
          {
            "model": "telepresence collaboration endpoint",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2.61.3535"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "70xx0"
          },
          {
            "model": "imac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr72",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.25.3001"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2"
          },
          {
            "model": "meraki mr53",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "wap551 wireless-n single radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.0.0"
          },
          {
            "model": "wap121 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.5"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.0.1000"
          },
          {
            "model": "wireless client bridge 1.0.1.3-hp501-b0012",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "i.roc ci70-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.0.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1"
          },
          {
            "model": "cn70e-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.0.0.0"
          },
          {
            "model": "meraki mr24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "suremark printer 1nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "50xx0"
          },
          {
            "model": "meraki mr74",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.15"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.20"
          },
          {
            "model": "anyconnect secure mobility client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.1"
          },
          {
            "model": "systems esp32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "micros handheld terminal 2.03.0.0.021r",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "38000"
          },
          {
            "model": "pyxis parx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dx70",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1.9"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2141"
          },
          {
            "model": "pyxis anesthesia es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "aironet series officeextend access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18100"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.55.3000"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0"
          },
          {
            "model": "meraki mr66",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2131"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.2"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18300"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.0.50.1004"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.1.0"
          },
          {
            "model": "wap321 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic iwlan-pb/link",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "aironet 1810w series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "meraki mr52",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airmesh msr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.20"
          },
          {
            "model": "watchos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "model": "contact fl wlan ec",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.8"
          },
          {
            "model": "systems esp8266",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "pad-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.0.1205"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88610"
          },
          {
            "model": "clarity engine",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0.0.1"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15600"
          },
          {
            "model": "windows for 32-bit systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.5"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.8"
          },
          {
            "model": "windows for x64-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "meraki mr58",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.2"
          },
          {
            "model": "pyxis parassist system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "windows server for 32-bit systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0"
          },
          {
            "model": "simatic mobile panel 277 iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "pyxis medstation t2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.0.0"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "30xx0"
          },
          {
            "model": "enterprise linux for power big endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.6"
          },
          {
            "model": "wireless client bridge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "5010"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.5"
          },
          {
            "model": "meraki mr11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.3"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.2"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "35000"
          },
          {
            "model": "automation stratix 15.3 jc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rockwell",
            "version": "5100"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "pyxis ciisafe workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "??0"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.0.0"
          },
          {
            "model": "ipad air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "model": "enterprise linux for scientific computing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1.71.3608"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.41.3024"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "model": "dx80",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.0"
          },
          {
            "model": "contact bl2 ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "contact tpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "60130"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1"
          },
          {
            "model": "ck70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.20"
          },
          {
            "model": "macbook pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.8"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.5"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.4"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.3"
          },
          {
            "model": "tab-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "macmini",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.16"
          },
          {
            "model": "contact fl wlan epa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "airport time capsule",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "alliance wpa2 (wi-fi protected access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wi fi",
            "version": "2)0"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.9"
          },
          {
            "model": "scalance wlc711",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "ruggedcom rs9xxw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.15"
          },
          {
            "model": "networks unifi access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubiquiti",
            "version": "0"
          },
          {
            "model": "suremark printer 2cr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88650"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "asa 5506w-x w/ firepower services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.9"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3005"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.0.0.0"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2010"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "14.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "16.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "17.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "8.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "9.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux desktop",
            "version": "7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.7.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.7.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux point of sale",
            "version": "11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "12"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "openstack cloud",
            "version": "6"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009178"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13087"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13087"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
        "sources": [
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2017-13087",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 5.5,
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "LOW",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.9,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2017-13087",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CNVD-2017-30398",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT_NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.6,
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.3,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2017-13087",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-13087",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-30398",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201710-388",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-13087",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13087"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009178"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13087"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). A group key reload vulnerability exists in WPA2 wireless network sleep mode. WPA2  is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: wpa_supplicant security update\nAdvisory ID:       RHSA-2017:2907-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2017:2907\nIssue date:        2017-10-17\nCVE Names:         CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 \n                   CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 \n                   CVE-2017-13088 \n=====================================================================\n\n1. Summary:\n\nAn update for wpa_supplicant is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe wpa_supplicant packages contain an 802.1X Supplicant with support for\nWEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication\nmethods. They implement key negotiation with a WPA Authenticator for client\nstations and controls the roaming and IEEE 802.11 authentication and\nassociation of the WLAN driver. A remote attacker within Wi-Fi range\ncould exploit these attacks to decrypt Wi-Fi traffic or possibly inject\nforged Wi-Fi packets by manipulating cryptographic handshakes used by the\nWPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nRed Hat would like to thank CERT for reporting these issues. Upstream\nacknowledges Mathy Vanhoef (University of Leuven) as the original reporter\nof these issues. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\naarch64:\nwpa_supplicant-2.6-5.el7_4.1.aarch64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm\n\nppc64:\nwpa_supplicant-2.6-5.el7_4.1.ppc64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm\n\nppc64le:\nwpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm\n\ns390x:\nwpa_supplicant-2.6-5.el7_4.1.s390x.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-13077\nhttps://access.redhat.com/security/cve/CVE-2017-13078\nhttps://access.redhat.com/security/cve/CVE-2017-13080\nhttps://access.redhat.com/security/cve/CVE-2017-13082\nhttps://access.redhat.com/security/cve/CVE-2017-13086\nhttps://access.redhat.com/security/cve/CVE-2017-13087\nhttps://access.redhat.com/security/cve/CVE-2017-13088\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/kracks\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n  hostapd                         2.4-0ubuntu9.1\n  wpasupplicant                   2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n  hostapd                         2.4-0ubuntu6.2\n  wpasupplicant                   2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n  hostapd                         2.1-0ubuntu1.5\n  wpasupplicant                   2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. 6) - i386, x86_64\n\n3. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz:  Upgraded. \n  This update includes patches to mitigate the WPA2 protocol issues known\n  as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n  hijack TCP connections, and to forge and inject packets. \n  CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n    Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n    while processing it. \n  For more information, see:\n    https://www.krackattacks.com/\n    https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n  (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project!  :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019  wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825  wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0  wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352  wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185  wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4  wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe  n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160  n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list:                          |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message:                                                     |\n|                                                                        |\n|   unsubscribe slackware-security                                       |\n|                                                                        |\n| You will get a confirmation message back containing instructions to    |\n| complete the process.  Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa                                        Security Advisory\n                                                          The FreeBSD Project\n\nTopic:          WPA2 protocol vulnerability\n\nCategory:       contrib\nModule:         wpa\nAnnounced:      2017-10-16\nCredits:        Mathy Vanhoef\nAffects:        All supported versions of FreeBSD. \nCorrected:      2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n                2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n                2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n                2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n                2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n                2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name:       CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n                CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n                CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0.   Revision history\n\nv1.0  2017-10-17 Initial release. \nv1.1  2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII.  Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV.  Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch.  Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI.  Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path                                                      Revision\n- -------------------------------------------------------------------------\nstable/11/                                                        r324697\nreleng/11.0/                                                      r324698\nreleng/11.1/                                                      r324699\nstable/10/                                                        r324739\nreleng/10.3/                                                      r324740\nreleng/10.4/                                                      r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13087"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009178"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "IVD",
            "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13087"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144659"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          }
        ],
        "trust": 3.96
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-13087",
            "trust": 4.2
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519",
            "trust": 4.2
          },
          {
            "db": "BID",
            "id": "101274",
            "trust": 2.6
          },
          {
            "db": "LENOVO",
            "id": "LEN-17420",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1039577",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039576",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039581",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039578",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039573",
            "trust": 1.7
          },
          {
            "db": "SIEMENS",
            "id": "SSA-901333",
            "trust": 1.7
          },
          {
            "db": "CERT@VDE",
            "id": "VDE-2017-005",
            "trust": 1.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-18-114-01",
            "trust": 1.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-19-029-01",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-353-02",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-01",
            "trust": 1.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388",
            "trust": 0.8
          },
          {
            "db": "JUNIPER",
            "id": "JSA10827",
            "trust": 0.8
          },
          {
            "db": "DLINK",
            "id": "SAP10075",
            "trust": 0.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02A",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU90609033",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009178",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.4125",
            "trust": 0.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-299-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-325-01",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "AA0BE958-12F8-4C92-BA4F-8046A72E7FE0",
            "trust": 0.2
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13087",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144652",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144630",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144632",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144659",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144663",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144669",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13087"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009178"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144659"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13087"
          }
        ]
      },
      "id": "VAR-201710-0974",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398"
          }
        ],
        "trust": 1.3965711281818183
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398"
          }
        ]
      },
      "last_update_date": "2024-07-23T21:12:37.370000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "ARUBA-PSA-2017-007",
            "trust": 0.8,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
          },
          {
            "title": "DSA-3999",
            "trust": 0.8,
            "url": "https://www.debian.org/security/2017/dsa-3999"
          },
          {
            "title": "FreeBSD-SA-17:07.wpa",
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "title": "LEN-17420",
            "trust": 0.8,
            "url": "https://support.lenovo.com/jp/en/product_security/len-17420"
          },
          {
            "title": "NV17-024",
            "trust": 0.8,
            "url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
          },
          {
            "title": "openSUSE-SU-2017:2755",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "title": "SUSE-SU-2017:2745",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "title": "SUSE-SU-2017:2752",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
            "trust": 0.8,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "title": "RHSA-2017:2907",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/rhsa-2017:2907"
          },
          {
            "title": "RHSA-2017:2911",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/rhsa-2017:2911"
          },
          {
            "title": "USN-3455-1",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/usn-3455-1/"
          },
          {
            "title": "WPA packet number reuse with replayed messages and key reinstallation",
            "trust": 0.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066  ",
            "trust": 0.8,
            "url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
          },
          {
            "title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.iodata.jp/support/information/2017/wpa2/"
          },
          {
            "title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b ",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/info/20171110/"
          },
          {
            "title": "Patch for WPA2 Wireless Network Sleep Mode Group Key Reload Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/103826"
          },
          {
            "title": "Multiple WiFi product WPA2 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75502"
          },
          {
            "title": "Red Hat: Important: wpa_supplicant security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172911 - security advisory"
          },
          {
            "title": "Red Hat: Important: wpa_supplicant security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172907 - security advisory"
          },
          {
            "title": "Red Hat: CVE-2017-13087",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-13087"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2017-13087"
          },
          {
            "title": "Ubuntu Security Notice: wpa vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3455-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-23"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-22"
          },
          {
            "title": "Siemens Security Advisories: Siemens Security Advisory",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
          },
          {
            "title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
          },
          {
            "title": "KRACK",
            "trust": 0.1,
            "url": "https://github.com/chinatso/krack "
          },
          {
            "title": "krackinfo",
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo "
          },
          {
            "title": "nixos-issue-db-example",
            "trust": 0.1,
            "url": "https://github.com/andir/nixos-issue-db-example "
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13087"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009178"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-330",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-254",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009178"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13087"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.7,
            "url": "https://www.krackattacks.com/"
          },
          {
            "trust": 3.3,
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "trust": 2.9,
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "trust": 2.8,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
          },
          {
            "trust": 2.8,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
          },
          {
            "trust": 2.7,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "trust": 2.5,
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "trust": 2.2,
            "url": "https://access.redhat.com/errata/rhsa-2017:2911"
          },
          {
            "trust": 2.1,
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "trust": 2.1,
            "url": "https://access.redhat.com/errata/rhsa-2017:2907"
          },
          {
            "trust": 1.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "trust": 1.8,
            "url": "http://www.ubuntu.com/usn/usn-3455-1"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "trust": 1.7,
            "url": "https://support.lenovo.com/us/en/product_security/len-17420"
          },
          {
            "trust": 1.7,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "trust": 1.7,
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "trust": 1.7,
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
          },
          {
            "trust": 1.2,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
          },
          {
            "trust": 1.1,
            "url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
          },
          {
            "trust": 1.1,
            "url": "https://w1.fi/security/2017-1/"
          },
          {
            "trust": 1.1,
            "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
          },
          {
            "trust": 1.1,
            "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
          },
          {
            "trust": 0.8,
            "url": "https://cwe.mitre.org/data/definitions/323.html"
          },
          {
            "trust": 0.8,
            "url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
          },
          {
            "trust": 0.8,
            "url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.al-enterprise.com/en/support/security-alert-krack"
          },
          {
            "trust": 0.8,
            "url": "https://support.apple.com/en-gb/ht208222"
          },
          {
            "trust": 0.8,
            "url": "https://security.archlinux.org/avg-447"
          },
          {
            "trust": 0.8,
            "url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
          },
          {
            "trust": 0.8,
            "url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
          },
          {
            "trust": 0.8,
            "url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
          },
          {
            "trust": 0.8,
            "url": "https://community.cypress.com/docs/doc-13871"
          },
          {
            "trust": 0.8,
            "url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
          },
          {
            "trust": 0.8,
            "url": "http://www.dell.com/support/article/sln307822"
          },
          {
            "trust": 0.8,
            "url": "https://github.com/espressif/esp8266_nonos_sdk"
          },
          {
            "trust": 0.8,
            "url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
          },
          {
            "trust": 0.8,
            "url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
          },
          {
            "trust": 0.8,
            "url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
          },
          {
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 0.8,
            "url": "https://bugs.gentoo.org/634440"
          },
          {
            "trust": 0.8,
            "url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
          },
          {
            "trust": 0.8,
            "url": "https://kb.juniper.net/jsa10827"
          },
          {
            "trust": 0.8,
            "url": "https://support.lenovo.com/ca/en/product_security/len-17420"
          },
          {
            "trust": 0.8,
            "url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
          },
          {
            "trust": 0.8,
            "url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
          },
          {
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
          },
          {
            "trust": 0.8,
            "url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
          },
          {
            "trust": 0.8,
            "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
          },
          {
            "trust": 0.8,
            "url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
          },
          {
            "trust": 0.8,
            "url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
          },
          {
            "trust": 0.8,
            "url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
          },
          {
            "trust": 0.8,
            "url": "https://community.sophos.com/kb/en-us/127658"
          },
          {
            "trust": 0.8,
            "url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
          },
          {
            "trust": 0.8,
            "url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
          },
          {
            "trust": 0.8,
            "url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
          },
          {
            "trust": 0.8,
            "url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
          },
          {
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/usn-3455-1/"
          },
          {
            "trust": 0.8,
            "url": "http://en.miui.com/thread-954223-1-1.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
          },
          {
            "trust": 0.8,
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
          },
          {
            "trust": 0.8,
            "url": "https://community.rsa.com/docs/doc-84103"
          },
          {
            "trust": 0.8,
            "url": "https://support.f5.com/csp/article/k23642330"
          },
          {
            "trust": 0.8,
            "url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
          },
          {
            "trust": 0.8,
            "url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
          },
          {
            "trust": 0.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
          },
          {
            "trust": 0.8,
            "url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu90609033/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
          },
          {
            "trust": 0.6,
            "url": "https://www.kb.cert.org/vuls/id/228519/"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2017-13077"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2017-13078"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2017-13080"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2017-13087"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13082"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13086"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13088"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
          },
          {
            "trust": 0.3,
            "url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
          },
          {
            "trust": 0.3,
            "url": "http://www.wi-fi.org/index.php"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-ie/ht208847"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208334"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208327"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208325"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13079"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13081"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13084"
          },
          {
            "trust": 0.3,
            "url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.2,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/330.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/gpg-key"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://osuosl.org)"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://www.krackattacks.com/\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
          },
          {
            "trust": 0.1,
            "url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13087"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009178"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144659"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13087"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13087"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009178"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144659"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13087"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-17T00:00:00",
            "db": "IVD",
            "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30398"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13087"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2017-11-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009178"
          },
          {
            "date": "2017-10-17T16:52:00",
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "date": "2017-10-16T13:49:34",
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "date": "2017-10-16T23:23:00",
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "date": "2017-10-18T20:20:00",
            "db": "PACKETSTORM",
            "id": "144659"
          },
          {
            "date": "2017-10-18T20:44:00",
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "date": "2017-10-19T14:28:55",
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-388"
          },
          {
            "date": "2017-10-17T13:29:00.600000",
            "db": "NVD",
            "id": "CVE-2017-13087"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30398"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13087"
          },
          {
            "date": "2019-02-21T09:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2019-02-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009178"
          },
          {
            "date": "2020-11-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-388"
          },
          {
            "date": "2019-10-03T00:03:26.223000",
            "db": "NVD",
            "id": "CVE-2017-13087"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "security feature problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-0211

    Vulnerability from variot - Updated: 2024-07-23 21:10

    Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network has a GTK group key reload vulnerability in the fourth handshake. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Important: wpa_supplicant security update Advisory ID: RHSA-2017:2907-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2907 Issue date: 2017-10-17 CVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 =====================================================================

    1. Summary:

    An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Relevant releases/architectures:

    Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64

    1. Description:

    The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Red Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter of these issues. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    1. Package List:

    Red Hat Enterprise Linux Client (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    aarch64: wpa_supplicant-2.6-5.el7_4.1.aarch64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm

    ppc64: wpa_supplicant-2.6-5.el7_4.1.ppc64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm

    ppc64le: wpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm

    s390x: wpa_supplicant-2.6-5.el7_4.1.s390x.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2017-13077 https://access.redhat.com/security/cve/CVE-2017-13078 https://access.redhat.com/security/cve/CVE-2017-13080 https://access.redhat.com/security/cve/CVE-2017-13082 https://access.redhat.com/security/cve/CVE-2017-13086 https://access.redhat.com/security/cve/CVE-2017-13087 https://access.redhat.com/security/cve/CVE-2017-13088 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kracks

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

    APPLE-SA-2017-12-12-2 AirPort Base Station Firmware Update 7.7.9

    AirPort Base Station Firmware Update 7.7.9 is now available and addresses the following:

    AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence

    AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients (Key Reinstallation Attacks - KRACK) Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management. CVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU Leuven CVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

    AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker in Wi-Fi range may force nonce reuse in WPA multicast/GTK clients (Key Reinstallation Attacks - KRACK) Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management. CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

    Installation note:

    Firmware version 7.7.9 is installed on AirPort Extreme or AirPort Time Capsule base stations with 802.11ac using AirPort Utility for Mac or iOS.

    AirPort Utility for Mac is a free download from https://support.apple.com/downloads/ and AirPort Utility for iOS is a free download from the App Store. CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

    Installation note:

    Wi-Fi Update for Boot Camp 6.4.0 may be obtained from Apple Software Update for Windows. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017

    wpa vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 17.04
    • Ubuntu 16.04 LTS
    • Ubuntu 14.04 LTS

    Summary:

    Several security issues were fixed in wpa_supplicant.

    Software Description: - wpa: client support for WPA and WPA2

    Details:

    Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1

    Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2

    Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5

    After a standard system update you need to reboot your computer to make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201711-03


                                           https://security.gentoo.org/
    

    Severity: Normal Title: hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks Date: November 10, 2017 Bugs: #634436, #634438 ID: 201711-03


    Synopsis

    A flaw was discovered in the 4-way handshake in hostapd and wpa_supplicant that allows attackers to conduct a Man in the Middle attack.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 net-wireless/hostapd < 2.6-r1 >= 2.6-r1 2 net-wireless/wpa_supplicant < 2.6-r3 >= 2.6-r3 ------------------------------------------------------------------- 2 affected packages

    Description

    WiFi Protected Access (WPA and WPA2) and it's associated technologies are all vulnerable to the KRACK attacks. Please review the referenced CVE identifiers for details.

    Impact

    An attacker can carry out the KRACK attacks on a wireless network in order to gain access to network clients. Once achieved, the attacker can potentially harvest confidential information (e.g. HTTP/HTTPS), inject malware, or perform a myriad of other attacks.

    Workaround

    There is no known workaround at this time.

    Resolution

    All hostapd users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-wireless/hostapd-2.6-r1"

    All wpa_supplicant users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot -v ">=net-wireless/wpa_supplicant-2.6-r3"

    References

    [ 1 ] CVE-2017-13077 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13077 [ 2 ] CVE-2017-13078 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13078 [ 3 ] CVE-2017-13079 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13079 [ 4 ] CVE-2017-13080 . 6) - i386, x86_64

    1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

    ============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project

    Topic: WPA2 protocol vulnerability

    Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088

    For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .

    1. Revision history

    v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.

    I.

    hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.

    II. Problem Description

    A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.

    III. Impact

    Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.

    IV. Workaround

    An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"

    and restart networking.

    An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    hostapd_program="/usr/local/sbin/hostapd"

    and restart hostapd.

    V. Solution

    Perform one of the following:

    1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    2) To update your vulnerable system via a binary patch:

    Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:

    freebsd-update fetch

    freebsd-update install

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    3) To update your vulnerable system via a source code patch:

    The following patches have been verified to apply to the applicable FreeBSD release branches.

    a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

    [FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc

    gpg --verify wpa-11.patch.asc

    [FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc

    gpg --verify wpa-10.patch.asc

    b) Apply the patch. Execute the following commands as root:

    cd /usr/src

    patch < /path/to/patch

    c) Recompile the operating system using buildworld and installworld as described in .

    Restart the applicable daemons, or reboot the system.

    VI. Correction details

    The following list contains the correction revision numbers for each affected branch.

    Branch/path Revision


    stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741


    To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:

    svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

    Or visit the following URL, replacing NNNNNN with the revision number:

    VII. References

    The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE----- .

    Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+

    Where to find the new packages: +-----------------------------+

    Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

    Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

    Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz

    Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz

    Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz

    Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz

    Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz

    MD5 signatures: +-------------+

    Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz

    Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz

    Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz

    Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz

    Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz

    Installation instructions: +------------------------+

    Upgrade the package as root:

    upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz

    +-----+

    Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

    +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0211",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "openstack cloud",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "6"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "linux enterprise point of sale",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.7"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "9front",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "adtran",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "actiontec",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aerohive",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "alcatel lucent",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "android open source",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "arch linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aruba",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "barracuda",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "broadcom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cambium",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "centos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cradlepoint",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cypress semiconductor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dell",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "digi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "draytek",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "edimax computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "endian",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "espressif",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "extreme",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "f secure",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fedora",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hostap",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ipfire",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lancom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lede",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lifx",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lenovo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microchip",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mojo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nest",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opnsense",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "omnirom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "open mesh",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "peplink",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "riverbed",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rockwell automation",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "suse linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "samsung mobile",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sierra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sonos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sony",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sophos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "synology",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "tp link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "texas instruments",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba commerce",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba electronic devices storage",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba memory",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "turris omnia",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubiquiti",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "volumio",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "watchguard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xiaomi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xirrus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zebra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dd wrt",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "eero",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pfsense",
            "version": null
          },
          {
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "model": "freebsd",
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": "leap",
            "scope": null,
            "trust": 0.8,
            "vendor": "opensuse",
            "version": null
          },
          {
            "model": "linux enterprise desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise point of sale",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise server",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "openstack cloud",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "hostapd",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "wpa supplicant",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "edge gateway",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "model": "sr-m20ac1",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "sr-m20ac2",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "alliance wi-fi protected access 2",
            "scope": null,
            "trust": 0.6,
            "vendor": "wi fi",
            "version": null
          },
          {
            "model": "scalance w-700",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux desktop",
            "version": "12"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux server",
            "version": "11"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.1"
          },
          {
            "model": "pyxis supplystation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "sinamics smart access module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "v200"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.27.3264"
          },
          {
            "model": "meraki mr34",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ck71a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2.0"
          },
          {
            "model": "macbook air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18500"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.0"
          },
          {
            "model": "meraki mr26",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "28000"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr84",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "510x0"
          },
          {
            "model": "windows server r2 for itanium-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "contact itc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "81130"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.0.0"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr18",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.3"
          },
          {
            "model": "scalance w1750d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "secure ii med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "210x0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "aironet access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "wap371 wireless-ac n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "contact rad-80211-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "contact fl wlan dap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.25"
          },
          {
            "model": "pyxis medstation es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "wireless ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88210"
          },
          {
            "model": "pyxis stockstation system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "macbook",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.2"
          },
          {
            "model": "scalance wlc712",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "contact fl wlan spa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "meraki mr62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic et200 pro im154-6 pn iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "tropos broadband mesh routers and bridges",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "abb",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.2"
          },
          {
            "model": "meraki mr33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "micros handheld terminal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.2"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4.1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.6"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "110x0"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.4"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": "contact fl comserver wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "232/422/4850"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.8"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7."
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1.91.3272"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.9"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "230802-110"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.1"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr14",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.5"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18150"
          },
          {
            "model": "wireless client bridge 2.0.0.1-aruba501-b00",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.2"
          },
          {
            "model": "airport express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr16",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "clarity engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0"
          },
          {
            "model": "meraki mr30h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "windows server r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "model": "contact bl2 bpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "enterprise linux for ibm z systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "watch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "4.0"
          },
          {
            "model": "ruggedcom rx1400",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "cn70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "pyxis parx handheld",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.40.100"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1.1"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "windows rt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.1"
          },
          {
            "model": "meraki mr42",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.6"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.3"
          },
          {
            "model": "wap561 wireless-n dual radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.26.3000"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6"
          },
          {
            "model": "tvos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2016"
          },
          {
            "model": "contact rad-whg/wlan-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.3"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.4.0"
          },
          {
            "model": "suremark printer 2nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "enterprise linux for power little endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.0.0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.8"
          },
          {
            "model": "windows server for x64-based systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "pyxis supply roller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.3"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3"
          },
          {
            "model": "telepresence collaboration endpoint",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2.61.3535"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "70xx0"
          },
          {
            "model": "imac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr72",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.25.3001"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2"
          },
          {
            "model": "meraki mr53",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "wap551 wireless-n single radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.0.0"
          },
          {
            "model": "wap121 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.5"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.0.1000"
          },
          {
            "model": "wireless client bridge 1.0.1.3-hp501-b0012",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "i.roc ci70-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.0.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1"
          },
          {
            "model": "cn70e-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.0.0.0"
          },
          {
            "model": "meraki mr24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "suremark printer 1nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "50xx0"
          },
          {
            "model": "meraki mr74",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.15"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.20"
          },
          {
            "model": "anyconnect secure mobility client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.1"
          },
          {
            "model": "systems esp32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "micros handheld terminal 2.03.0.0.021r",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "38000"
          },
          {
            "model": "pyxis parx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dx70",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1.9"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2141"
          },
          {
            "model": "pyxis anesthesia es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "aironet series officeextend access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18100"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.55.3000"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0"
          },
          {
            "model": "meraki mr66",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2131"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.2"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18300"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.0.50.1004"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.1.0"
          },
          {
            "model": "wap321 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic iwlan-pb/link",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "aironet 1810w series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "meraki mr52",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airmesh msr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.20"
          },
          {
            "model": "watchos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "model": "contact fl wlan ec",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.8"
          },
          {
            "model": "systems esp8266",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "pad-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.0.1205"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88610"
          },
          {
            "model": "clarity engine",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0.0.1"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15600"
          },
          {
            "model": "windows for 32-bit systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.5"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.8"
          },
          {
            "model": "windows for x64-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "meraki mr58",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.2"
          },
          {
            "model": "pyxis parassist system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "windows server for 32-bit systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0"
          },
          {
            "model": "simatic mobile panel 277 iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "pyxis medstation t2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.0.0"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "30xx0"
          },
          {
            "model": "enterprise linux for power big endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.6"
          },
          {
            "model": "wireless client bridge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "5010"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.5"
          },
          {
            "model": "meraki mr11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.3"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.2"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "35000"
          },
          {
            "model": "automation stratix 15.3 jc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rockwell",
            "version": "5100"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "pyxis ciisafe workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "??0"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.0.0"
          },
          {
            "model": "ipad air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "model": "enterprise linux for scientific computing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1.71.3608"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.41.3024"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "model": "dx80",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.0"
          },
          {
            "model": "contact bl2 ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "contact tpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "60130"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1"
          },
          {
            "model": "ck70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.20"
          },
          {
            "model": "macbook pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.8"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.5"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.4"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.3"
          },
          {
            "model": "tab-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "macmini",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.16"
          },
          {
            "model": "contact fl wlan epa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "airport time capsule",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "alliance wpa2 (wi-fi protected access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wi fi",
            "version": "2)0"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.9"
          },
          {
            "model": "scalance wlc711",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "ruggedcom rs9xxw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.15"
          },
          {
            "model": "networks unifi access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubiquiti",
            "version": "0"
          },
          {
            "model": "suremark printer 2cr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88650"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "asa 5506w-x w/ firepower services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.9"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3005"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.0.0.0"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2010"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "14.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "16.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "17.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "8.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "9.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux desktop",
            "version": "7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.7.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.7.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux point of sale",
            "version": "11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "12"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "openstack cloud",
            "version": "6"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009171"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13078"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13078"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
        "sources": [
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2017-13078",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 5.5,
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "LOW",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.9,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2017-13078",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CNVD-2017-30405",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT_NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.6,
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.3,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2017-13078",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-13078",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-30405",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201710-381",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-13078",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13078"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009171"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13078"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network has a GTK group key reload vulnerability in the fourth handshake. WPA2  is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: wpa_supplicant security update\nAdvisory ID:       RHSA-2017:2907-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2017:2907\nIssue date:        2017-10-17\nCVE Names:         CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 \n                   CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 \n                   CVE-2017-13088 \n=====================================================================\n\n1. Summary:\n\nAn update for wpa_supplicant is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe wpa_supplicant packages contain an 802.1X Supplicant with support for\nWEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication\nmethods. They implement key negotiation with a WPA Authenticator for client\nstations and controls the roaming and IEEE 802.11 authentication and\nassociation of the WLAN driver. A remote attacker within Wi-Fi range\ncould exploit these attacks to decrypt Wi-Fi traffic or possibly inject\nforged Wi-Fi packets by manipulating cryptographic handshakes used by the\nWPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nRed Hat would like to thank CERT for reporting these issues. Upstream\nacknowledges Mathy Vanhoef (University of Leuven) as the original reporter\nof these issues. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\naarch64:\nwpa_supplicant-2.6-5.el7_4.1.aarch64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm\n\nppc64:\nwpa_supplicant-2.6-5.el7_4.1.ppc64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm\n\nppc64le:\nwpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm\n\ns390x:\nwpa_supplicant-2.6-5.el7_4.1.s390x.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-13077\nhttps://access.redhat.com/security/cve/CVE-2017-13078\nhttps://access.redhat.com/security/cve/CVE-2017-13080\nhttps://access.redhat.com/security/cve/CVE-2017-13082\nhttps://access.redhat.com/security/cve/CVE-2017-13086\nhttps://access.redhat.com/security/cve/CVE-2017-13087\nhttps://access.redhat.com/security/cve/CVE-2017-13088\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/kracks\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2017-12-12-2 AirPort Base Station Firmware Update 7.7.9\n\nAirPort Base Station Firmware Update 7.7.9 is now available and\naddresses the following:\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker within range may be able to execute arbitrary\ncode on the Wi-Fi chip\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2017-9417: Nitay Artenstein of Exodus Intelligence\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker in Wi-Fi range may force nonce reuse in WPA\nunicast/PTK clients (Key Reinstallation Attacks - KRACK)\nDescription: A logic issue existed in the handling of state\ntransitions. This was addressed with improved state management. \nCVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\nCVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker in Wi-Fi range may force nonce reuse in WPA\nmulticast/GTK clients (Key Reinstallation Attacks - KRACK)\nDescription: A logic issue existed in the handling of state\ntransitions. This was addressed with improved state management. \nCVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\n\nInstallation note:\n\nFirmware version 7.7.9 is installed on AirPort Extreme or\nAirPort Time Capsule base stations with 802.11ac using\nAirPort Utility for Mac or iOS. \n\nAirPort Utility for Mac is a free download from\nhttps://support.apple.com/downloads/ and AirPort Utility for iOS\nis a free download from the App Store. \nCVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at\nKU Leuven\n\nInstallation note:\n\nWi-Fi Update for Boot Camp 6.4.0 may be obtained from Apple Software\nUpdate for Windows. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n  hostapd                         2.4-0ubuntu9.1\n  wpasupplicant                   2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n  hostapd                         2.4-0ubuntu6.2\n  wpasupplicant                   2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n  hostapd                         2.1-0ubuntu1.5\n  wpasupplicant                   2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201711-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: hostapd and wpa_supplicant: Key Reinstallation (KRACK)\n           attacks\n     Date: November 10, 2017\n     Bugs: #634436, #634438\n       ID: 201711-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nA flaw was discovered in the 4-way handshake in hostapd and\nwpa_supplicant that allows attackers to conduct a Man in the Middle\nattack. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  net-wireless/hostapd         \u003c 2.6-r1                  \u003e= 2.6-r1 \n  2  net-wireless/wpa_supplicant\n                                  \u003c 2.6-r3                  \u003e= 2.6-r3 \n    -------------------------------------------------------------------\n     2 affected packages\n\nDescription\n===========\n\nWiFi Protected Access (WPA and WPA2) and it\u0027s associated technologies\nare all vulnerable to the KRACK attacks. Please review the referenced\nCVE identifiers for details. \n\nImpact\n======\n\nAn attacker can carry out the KRACK attacks on a wireless network in\norder to gain access to network clients. Once achieved, the attacker\ncan potentially harvest confidential information (e.g. HTTP/HTTPS),\ninject malware, or perform a myriad of other attacks. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll hostapd users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-wireless/hostapd-2.6-r1\"\n\nAll wpa_supplicant users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=net-wireless/wpa_supplicant-2.6-r3\"\n\nReferences\n==========\n\n[  1 ] CVE-2017-13077\n       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13077\n[  2 ] CVE-2017-13078\n       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13078\n[  3 ] CVE-2017-13079\n       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13079\n[  4 ] CVE-2017-13080\n. 6) - i386, x86_64\n\n3. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa                                        Security Advisory\n                                                          The FreeBSD Project\n\nTopic:          WPA2 protocol vulnerability\n\nCategory:       contrib\nModule:         wpa\nAnnounced:      2017-10-16\nCredits:        Mathy Vanhoef\nAffects:        All supported versions of FreeBSD. \nCorrected:      2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n                2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n                2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n                2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n                2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n                2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name:       CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n                CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n                CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0.   Revision history\n\nv1.0  2017-10-17 Initial release. \nv1.1  2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII.  Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV.  Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch.  Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI.  Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path                                                      Revision\n- -------------------------------------------------------------------------\nstable/11/                                                        r324697\nreleng/11.0/                                                      r324698\nreleng/11.1/                                                      r324699\nstable/10/                                                        r324739\nreleng/10.3/                                                      r324740\nreleng/10.4/                                                      r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz:  Upgraded. \n  This update includes patches to mitigate the WPA2 protocol issues known\n  as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n  hijack TCP connections, and to forge and inject packets. \n  CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n    Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n    while processing it. \n  For more information, see:\n    https://www.krackattacks.com/\n    https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n  (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project!  :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019  wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825  wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0  wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352  wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185  wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4  wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe  n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160  n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list:                          |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message:                                                     |\n|                                                                        |\n|   unsubscribe slackware-security                                       |\n|                                                                        |\n| You will get a confirmation message back containing instructions to    |\n| complete the process.  Please do not reply to this email address",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13078"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009171"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "IVD",
            "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13078"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "db": "PACKETSTORM",
            "id": "145395"
          },
          {
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "db": "PACKETSTORM",
            "id": "144659"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          }
        ],
        "trust": 4.23
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-13078",
            "trust": 4.5
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519",
            "trust": 4.2
          },
          {
            "db": "BID",
            "id": "101274",
            "trust": 2.6
          },
          {
            "db": "LENOVO",
            "id": "LEN-17420",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1039577",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039576",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039581",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039578",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039585",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039573",
            "trust": 1.7
          },
          {
            "db": "CERT@VDE",
            "id": "VDE-2017-003",
            "trust": 1.7
          },
          {
            "db": "CERT@VDE",
            "id": "VDE-2017-005",
            "trust": 1.7
          },
          {
            "db": "SIEMENS",
            "id": "SSA-901333",
            "trust": 1.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-18-114-01",
            "trust": 1.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-19-029-01",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-353-02",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-01",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-325-01",
            "trust": 1.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381",
            "trust": 0.8
          },
          {
            "db": "JUNIPER",
            "id": "JSA10827",
            "trust": 0.8
          },
          {
            "db": "DLINK",
            "id": "SAP10075",
            "trust": 0.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02A",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU94846424",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU90609033",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009171",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.4125",
            "trust": 0.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-299-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "D6BBEDBA-FFB0-46FC-8B8D-FC2A4FCE19B2",
            "trust": 0.2
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13078",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144652",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145394",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145395",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "148445",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144632",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144944",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144659",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144669",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144663",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13078"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009171"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "db": "PACKETSTORM",
            "id": "145395"
          },
          {
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "db": "PACKETSTORM",
            "id": "144659"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13078"
          }
        ]
      },
      "id": "VAR-201710-0211",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405"
          }
        ],
        "trust": 1.3965711281818183
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405"
          }
        ]
      },
      "last_update_date": "2024-07-23T21:10:29.332000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "ARUBA-PSA-2017-007",
            "trust": 0.8,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
          },
          {
            "title": "DSA-3999",
            "trust": 0.8,
            "url": "https://www.debian.org/security/2017/dsa-3999"
          },
          {
            "title": "FreeBSD-SA-17:07.wpa",
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "title": "LEN-17420",
            "trust": 0.8,
            "url": "https://support.lenovo.com/jp/en/product_security/len-17420"
          },
          {
            "title": "NV17-024",
            "trust": 0.8,
            "url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
          },
          {
            "title": "openSUSE-SU-2017:2755",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "title": "SUSE-SU-2017:2745",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "title": "SUSE-SU-2017:2752",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
            "trust": 0.8,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "title": "RHSA-2017:2907",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/rhsa-2017:2907"
          },
          {
            "title": "RHSA-2017:2911",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/rhsa-2017:2911"
          },
          {
            "title": "USN-3455-1",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/usn-3455-1/"
          },
          {
            "title": "WPA packet number reuse with replayed messages and key reinstallation",
            "trust": 0.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
          },
          {
            "title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.iodata.jp/support/information/2017/wpa2/"
          },
          {
            "title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/info/20171110/"
          },
          {
            "title": "Patch for WPA2 Wireless Network GTK Group Key Reload Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/103819"
          },
          {
            "title": "Multiple WiFi product WPA2 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75495"
          },
          {
            "title": "Red Hat: Important: wpa_supplicant security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172911 - security advisory"
          },
          {
            "title": "Red Hat: Important: wpa_supplicant security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172907 - security advisory"
          },
          {
            "title": "Red Hat: CVE-2017-13078",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-13078"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2017-13078"
          },
          {
            "title": "Apple: Wi-Fi Update for Boot Camp 6.4.0",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=4dc3bb86865485e4364fd6b2dc2fc379"
          },
          {
            "title": "Apple: AirPort Base Station Firmware Update 7.7.9",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7ca8130f8030911575aa17c0e84114dd"
          },
          {
            "title": "Apple: watchOS 4.1",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=345c3fa8a313cd9a1ced5ef372c465c4"
          },
          {
            "title": "Apple: AirPort Base Station Firmware Update 7.6.9",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=43d8dcf7961e20b6ec02761d12969c19"
          },
          {
            "title": "Debian CVElist Bug Report Logs: firmware-brcm80211: BroadPwn vulnerability CVE-2017-9417",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=2e0affd9108e95fa2aa2c706c74cd8a9"
          },
          {
            "title": "Ubuntu Security Notice: wpa vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3455-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
          },
          {
            "title": "Apple: tvOS 11.1",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7a8e908aff7c02a31b2d335766e6d5c2"
          },
          {
            "title": "Apple: iOS 11.1",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7814c280e80969d4c4d88f74b13290f2"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-23"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-22"
          },
          {
            "title": "HP: HPSBPI03574 rev. 1 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbpi03574"
          },
          {
            "title": "Siemens Security Advisories: Siemens Security Advisory",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
          },
          {
            "title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014July 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=25584b3d319ca9e7cb2fae9ec5dbf5e0"
          },
          {
            "title": "HP: HPSBHF03571 rev. 6  -  Intel Management Engine Cumulative Security update and fix for WPA2 vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbhf03571"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
          },
          {
            "title": "Apple: macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=870f3f04ef17f7b183f74ae687a1561d"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
          },
          {
            "title": "vanhoefm-krackattacks-scripts",
            "trust": 0.1,
            "url": "https://github.com/84kaliplexon3/vanhoefm-krackattacks-scripts "
          },
          {
            "title": "krankattack",
            "trust": 0.1,
            "url": "https://github.com/devkosov/krankattack "
          },
          {
            "title": "krackattacks-scripts",
            "trust": 0.1,
            "url": "https://github.com/vanhoefm/krackattacks-scripts "
          },
          {
            "title": "KRACK",
            "trust": 0.1,
            "url": "https://github.com/chinatso/krack "
          },
          {
            "title": "krackinfo",
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo "
          },
          {
            "title": "nixos-issue-db-example",
            "trust": 0.1,
            "url": "https://github.com/andir/nixos-issue-db-example "
          },
          {
            "title": "SamsungReleaseNotes",
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/samsungreleasenotes "
          },
          {
            "title": "welivesecurity",
            "trust": 0.1,
            "url": "https://www.welivesecurity.com/2019/10/17/alexa-how-amazon-echo-kindle-got-kracked/"
          },
          {
            "title": "BleepingComputer",
            "trust": 0.1,
            "url": "https://www.bleepingcomputer.com/news/security/millions-of-amazon-echo-and-kindle-devices-affected-by-wifi-bug/"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13078"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009171"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-330",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-254",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009171"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13078"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.7,
            "url": "https://www.krackattacks.com/"
          },
          {
            "trust": 3.3,
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "trust": 2.9,
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "trust": 2.8,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
          },
          {
            "trust": 2.8,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
          },
          {
            "trust": 2.7,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "trust": 2.5,
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "trust": 2.2,
            "url": "https://access.redhat.com/errata/rhsa-2017:2911"
          },
          {
            "trust": 2.1,
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "trust": 2.1,
            "url": "https://access.redhat.com/errata/rhsa-2017:2907"
          },
          {
            "trust": 2.0,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "trust": 1.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "trust": 1.8,
            "url": "http://www.ubuntu.com/usn/usn-3455-1"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039585"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "trust": 1.7,
            "url": "https://support.lenovo.com/us/en/product_security/len-17420"
          },
          {
            "trust": 1.7,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "trust": 1.7,
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208222"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208221"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208220"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208219"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "trust": 1.7,
            "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03792en_us"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "trust": 1.7,
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "trust": 1.7,
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
          },
          {
            "trust": 1.7,
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
          },
          {
            "trust": 1.7,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
          },
          {
            "trust": 1.2,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
          },
          {
            "trust": 1.1,
            "url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
          },
          {
            "trust": 1.1,
            "url": "https://w1.fi/security/2017-1/"
          },
          {
            "trust": 1.1,
            "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
          },
          {
            "trust": 1.1,
            "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
          },
          {
            "trust": 0.9,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
          },
          {
            "trust": 0.8,
            "url": "https://cwe.mitre.org/data/definitions/323.html"
          },
          {
            "trust": 0.8,
            "url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
          },
          {
            "trust": 0.8,
            "url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.al-enterprise.com/en/support/security-alert-krack"
          },
          {
            "trust": 0.8,
            "url": "https://support.apple.com/en-gb/ht208222"
          },
          {
            "trust": 0.8,
            "url": "https://security.archlinux.org/avg-447"
          },
          {
            "trust": 0.8,
            "url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
          },
          {
            "trust": 0.8,
            "url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
          },
          {
            "trust": 0.8,
            "url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
          },
          {
            "trust": 0.8,
            "url": "https://community.cypress.com/docs/doc-13871"
          },
          {
            "trust": 0.8,
            "url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
          },
          {
            "trust": 0.8,
            "url": "http://www.dell.com/support/article/sln307822"
          },
          {
            "trust": 0.8,
            "url": "https://github.com/espressif/esp8266_nonos_sdk"
          },
          {
            "trust": 0.8,
            "url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
          },
          {
            "trust": 0.8,
            "url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
          },
          {
            "trust": 0.8,
            "url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
          },
          {
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 0.8,
            "url": "https://bugs.gentoo.org/634440"
          },
          {
            "trust": 0.8,
            "url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
          },
          {
            "trust": 0.8,
            "url": "https://kb.juniper.net/jsa10827"
          },
          {
            "trust": 0.8,
            "url": "https://support.lenovo.com/ca/en/product_security/len-17420"
          },
          {
            "trust": 0.8,
            "url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
          },
          {
            "trust": 0.8,
            "url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
          },
          {
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
          },
          {
            "trust": 0.8,
            "url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
          },
          {
            "trust": 0.8,
            "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
          },
          {
            "trust": 0.8,
            "url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
          },
          {
            "trust": 0.8,
            "url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
          },
          {
            "trust": 0.8,
            "url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
          },
          {
            "trust": 0.8,
            "url": "https://community.sophos.com/kb/en-us/127658"
          },
          {
            "trust": 0.8,
            "url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
          },
          {
            "trust": 0.8,
            "url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
          },
          {
            "trust": 0.8,
            "url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
          },
          {
            "trust": 0.8,
            "url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
          },
          {
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/usn-3455-1/"
          },
          {
            "trust": 0.8,
            "url": "http://en.miui.com/thread-954223-1-1.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
          },
          {
            "trust": 0.8,
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
          },
          {
            "trust": 0.8,
            "url": "https://community.rsa.com/docs/doc-84103"
          },
          {
            "trust": 0.8,
            "url": "https://support.f5.com/csp/article/k23642330"
          },
          {
            "trust": 0.8,
            "url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
          },
          {
            "trust": 0.8,
            "url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
          },
          {
            "trust": 0.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
          },
          {
            "trust": 0.8,
            "url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/vu/jvnvu94846424/"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu90609033/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
          },
          {
            "trust": 0.6,
            "url": "https://www.kb.cert.org/vuls/id/228519/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2017-13077"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2017-13078"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2017-13080"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2017-13087"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13082"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13086"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13088"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
          },
          {
            "trust": 0.3,
            "url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
          },
          {
            "trust": 0.3,
            "url": "http://www.wi-fi.org/index.php"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-ie/ht208847"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208334"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208327"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208325"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13079"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13081"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13084"
          },
          {
            "trust": 0.3,
            "url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.2,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.2,
            "url": "https://support.apple.com/downloads/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/330.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-9417"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/kb/ht201222"
          },
          {
            "trust": 0.1,
            "url": "https://www.apple.com/support/security/pgp/"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/kb/ht208038"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13078"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13077"
          },
          {
            "trust": 0.1,
            "url": "https://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://www.krackattacks.com/\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
          },
          {
            "trust": 0.1,
            "url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/gpg-key"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://osuosl.org)"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13078"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009171"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "db": "PACKETSTORM",
            "id": "145395"
          },
          {
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "db": "PACKETSTORM",
            "id": "144659"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13078"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13078"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009171"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "db": "PACKETSTORM",
            "id": "145395"
          },
          {
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "db": "PACKETSTORM",
            "id": "144659"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13078"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-17T00:00:00",
            "db": "IVD",
            "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30405"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13078"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2017-11-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009171"
          },
          {
            "date": "2017-10-17T16:52:00",
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "date": "2017-12-13T03:33:33",
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "date": "2017-12-13T04:44:44",
            "db": "PACKETSTORM",
            "id": "145395"
          },
          {
            "date": "2018-07-05T23:02:22",
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "date": "2017-10-16T23:23:00",
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "date": "2017-11-10T19:19:00",
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "date": "2017-10-18T20:20:00",
            "db": "PACKETSTORM",
            "id": "144659"
          },
          {
            "date": "2017-10-19T14:28:55",
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "date": "2017-10-18T20:44:00",
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-381"
          },
          {
            "date": "2017-10-17T13:29:00.193000",
            "db": "NVD",
            "id": "CVE-2017-13078"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30405"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13078"
          },
          {
            "date": "2019-02-21T09:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2019-02-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009171"
          },
          {
            "date": "2020-11-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-381"
          },
          {
            "date": "2019-10-03T00:03:26.223000",
            "db": "NVD",
            "id": "CVE-2017-13078"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "security feature problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-0207

    Vulnerability from variot - Updated: 2024-07-23 20:12

    Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

    APPLE-SA-2017-12-6-3 watchOS 4.2

    watchOS 4.2 addresses the following:

    IOSurface Available for: All Apple Watch models Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-13861: Ian Beer of Google Project Zero

    Kernel Available for: All Apple Watch models Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-13862: Apple CVE-2017-13876: Ian Beer of Google Project Zero

    Kernel Available for: All Apple Watch models Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2017-13833: Brandon Azad

    Kernel Available for: All Apple Watch models Impact: An application may be able to read restricted memory Description: A type confusion issue was addressed with improved memory handling. CVE-2017-13855: Jann Horn of Google Project Zero

    Kernel Available for: All Apple Watch models Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-13867: Ian Beer of Google Project Zero

    Kernel Available for: All Apple Watch models Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-13865: Ian Beer of Google Project Zero CVE-2017-13868: Brandon Azad CVE-2017-13869: Jann Horn of Google Project Zero

    Wi-Fi Available for: Apple Watch (1st Generation) and Apple Watch Series 3 Released for Apple Watch Series 1 and Apple Watch Series 2 in watchOS 4.1. This was addressed with improved state management. CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

    Installation note:

    Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641

    To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About".

    Alternatively, on your watch, select "My Watch > General > About". Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).

    An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.

    For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.

    For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.

    For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.

    We recommend that you upgrade your wpa packages. CVE-2017-13804: @qwertyoruiopz at KJC Research Intl. S.R.L. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256


    Title: Microsoft Security Update Releases Issued: October 17, 2017


    Summary

    The following CVE has undergone a major revision increment.

    • ADV170018

    CVE Revision Information:

    CVE-2017-13080

    • Title: ADV170018 | October 2017 Flash Update
    • https://portal.msrc.microsoft.com/en-us/security-guidance
    • Reason for Revision: The October Adobe Flash Security Update is available for installation. See https://support.microsoft.com/ en-us/help/4049179 for more information.
    • Originally posted: October 17, 2017
    • Updated: N/A
    • CVE Severity Rating: Critical
    • Version: 1.0

    Other Information

    Recognize and avoid fraudulent email to Microsoft customers:

    If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email.

    The Microsoft Security Response Center (MSRC) uses PGP to digitally sign all security notifications. However, PGP is not required for reading security notifications, reading security bulletins, or installing security updates. You can obtain the MSRC public PGP key at https://technet.microsoft.com/security/dn753714.


    THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.


    Microsoft respects your privacy. Please read our online Privacy Statement at http://go.microsoft.com/fwlink/?LinkId=81184.

    If you would prefer not to receive future technical security notification alerts by email from Microsoft and its family of companies please visit the following website to unsubscribe: https://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar d.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e&%3blcid=1033.

    These settings will not affect any newsletters youave requested or any mandatory service communications that are considered part of certain Microsoft services.

    For legal Information, see: http://www.microsoft.com/info/legalinfo/default.mspx.

    This newsletter was sent by: Microsoft Corporation 1 Microsoft Way Redmond, Washington, USA 98052

    -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 10.2.0 (Build 1950) - not licensed for commercial use: www.pgp.com Charset: utf-8

    wsFVAwUBWeY7FvsCXwi14Wq8AQibMw/9HB/Dclpw74jADq8uMxo5mm+ZFGZ9gXqW pTdHL3HrzNqzsM/7oq1sYdzVqN2j35pXMpPmJnjt9ewhma0G+IKwwtu7efFelhUd bEB8o5KLREJJLnDVHWAfAEVvFqx15E7hbQdjQdwvK+fT26W7QwyyUnQt9akTR9bS v3B/GKLuacopPD7G/+v3g2N51NBbp1STidNTbOqbExK/UDqZBbkLs4XoC6FORXMY kdUzSuWPuDVQneqOpQlC9O2M7+f6qWWdVG67F44tD6e575eToCf0LVjsLIPEMx06 iuK0alu4HnUi3mwTpruwkrFANJlL0y6o6uwfBt/QQ/RQoe6EeBmQOvFB6jTa8fQ7 ydHIMTKgxCJQMzUGrrkr0F+M0S0yZkW5Pq90eZxLtvxAypJSbPlH3ET4h4hIeuqv 38eOg5Pb5FkBdaMaP0VqeI/k/Ur5TRHvLSBWp5jgZi6CMKb8srfTmR53vs5Igtgb Tsh10G0bXAExWWE/pqmQs+rW03/ElM5JoH8/wS9tG4M3UNvsnR2CUz2KbIvQcJFt DG34sh3Z5HztbGmkWUxWwORcUrvW0U6DnP1U4D6uSmcSZrO5dwIHTIA4kECw7Ret SjhMDbo9s2Y75VBb1ilIbQY3AnzT2q2j6t3kJnyh3IjmMP96bhmdF1FF4apToAUv TVE4JSTK9HY= =G8zY -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-3505-1 December 06, 2017

    linux-firmware vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 17.10
    • Ubuntu 17.04
    • Ubuntu 16.04 LTS
    • Ubuntu 14.04 LTS

    Summary:

    Several security issues were fixed in linux-firmware.

    Software Description: - linux-firmware: Firmware for Linux kernel drivers

    Details:

    Mathy Vanhoef discovered that the firmware for several Intel WLAN devices incorrectly handled WPA2 in relation to Wake on WLAN. (CVE-2017-13080, CVE-2017-13081)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 17.10: linux-firmware 1.169.1

    Ubuntu 17.04: linux-firmware 1.164.2

    Ubuntu 16.04 LTS: linux-firmware 1.157.14

    Ubuntu 14.04 LTS: linux-firmware 1.127.24

    After a standard system update you need to reboot your computer to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

    ============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project

    Topic: WPA2 protocol vulnerability

    Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088

    For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .

    1. Revision history

    v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.

    I.

    hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.

    II. Problem Description

    A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.

    III. Impact

    Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.

    IV. Workaround

    An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"

    and restart networking.

    An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    hostapd_program="/usr/local/sbin/hostapd"

    and restart hostapd.

    V. Solution

    Perform one of the following:

    1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    2) To update your vulnerable system via a binary patch:

    Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:

    freebsd-update fetch

    freebsd-update install

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    3) To update your vulnerable system via a source code patch:

    The following patches have been verified to apply to the applicable FreeBSD release branches.

    a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

    [FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc

    gpg --verify wpa-11.patch.asc

    [FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc

    gpg --verify wpa-10.patch.asc

    b) Apply the patch. Execute the following commands as root:

    cd /usr/src

    patch < /path/to/patch

    c) Recompile the operating system using buildworld and installworld as described in .

    Restart the applicable daemons, or reboot the system.

    VI. Correction details

    The following list contains the correction revision numbers for each affected branch.

    Branch/path Revision


    stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741


    To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:

    svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

    Or visit the following URL, replacing NNNNNN with the revision number:

    VII. References

    The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE-----

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0207",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "openstack cloud",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "6"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "linux enterprise point of sale",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.7"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "9front",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "adtran",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "actiontec",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aerohive",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "alcatel lucent",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "android open source",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "arch linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aruba",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "barracuda",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "broadcom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cambium",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "centos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cradlepoint",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cypress semiconductor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dell",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "digi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "draytek",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "edimax computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "endian",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "espressif",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "extreme",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "f secure",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fedora",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hostap",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ipfire",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lancom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lede",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lifx",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lenovo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microchip",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mojo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nest",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opnsense",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "omnirom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "open mesh",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "peplink",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "riverbed",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rockwell automation",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "suse linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "samsung mobile",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sierra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sonos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sony",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sophos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "synology",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "tp link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "texas instruments",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba commerce",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba electronic devices storage",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba memory",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "turris omnia",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubiquiti",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "volumio",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "watchguard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xiaomi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xirrus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zebra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dd wrt",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "eero",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pfsense",
            "version": null
          },
          {
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "model": "freebsd",
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": "leap",
            "scope": null,
            "trust": 0.8,
            "vendor": "opensuse",
            "version": null
          },
          {
            "model": "linux enterprise desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise point of sale",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise server",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "openstack cloud",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "hostapd",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "wpa supplicant",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "edge gateway",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "model": "sr-m20ac1",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "sr-m20ac2",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "alliance wi-fi protected access 2",
            "scope": null,
            "trust": 0.6,
            "vendor": "wi fi",
            "version": null
          },
          {
            "model": "scalance w-700",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux desktop",
            "version": "12"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux server",
            "version": "11"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.1"
          },
          {
            "model": "pyxis supplystation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "sinamics smart access module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "v200"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.27.3264"
          },
          {
            "model": "meraki mr34",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ck71a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2.0"
          },
          {
            "model": "macbook air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18500"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.0"
          },
          {
            "model": "meraki mr26",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "28000"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr84",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "510x0"
          },
          {
            "model": "windows server r2 for itanium-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "contact itc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "81130"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.0.0"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr18",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.3"
          },
          {
            "model": "scalance w1750d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "secure ii med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "210x0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "aironet access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "wap371 wireless-ac n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "contact rad-80211-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "contact fl wlan dap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.25"
          },
          {
            "model": "pyxis medstation es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "wireless ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88210"
          },
          {
            "model": "pyxis stockstation system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "macbook",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.2"
          },
          {
            "model": "scalance wlc712",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "contact fl wlan spa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "meraki mr62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic et200 pro im154-6 pn iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "tropos broadband mesh routers and bridges",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "abb",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.2"
          },
          {
            "model": "meraki mr33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "micros handheld terminal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.2"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4.1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.6"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "110x0"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.4"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": "contact fl comserver wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "232/422/4850"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.8"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7."
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1.91.3272"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.9"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "230802-110"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.1"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr14",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.5"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18150"
          },
          {
            "model": "wireless client bridge 2.0.0.1-aruba501-b00",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.2"
          },
          {
            "model": "airport express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr16",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "clarity engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0"
          },
          {
            "model": "meraki mr30h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "windows server r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "model": "contact bl2 bpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "enterprise linux for ibm z systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "watch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "4.0"
          },
          {
            "model": "ruggedcom rx1400",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "cn70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "pyxis parx handheld",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.40.100"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1.1"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "windows rt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.1"
          },
          {
            "model": "meraki mr42",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.6"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.3"
          },
          {
            "model": "wap561 wireless-n dual radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.26.3000"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6"
          },
          {
            "model": "tvos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2016"
          },
          {
            "model": "contact rad-whg/wlan-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.3"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.4.0"
          },
          {
            "model": "suremark printer 2nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "enterprise linux for power little endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.0.0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.8"
          },
          {
            "model": "windows server for x64-based systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "pyxis supply roller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.3"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3"
          },
          {
            "model": "telepresence collaboration endpoint",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2.61.3535"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "70xx0"
          },
          {
            "model": "imac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr72",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.25.3001"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2"
          },
          {
            "model": "meraki mr53",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "wap551 wireless-n single radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.0.0"
          },
          {
            "model": "wap121 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.5"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.0.1000"
          },
          {
            "model": "wireless client bridge 1.0.1.3-hp501-b0012",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "i.roc ci70-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.0.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1"
          },
          {
            "model": "cn70e-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.0.0.0"
          },
          {
            "model": "meraki mr24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "suremark printer 1nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "50xx0"
          },
          {
            "model": "meraki mr74",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.15"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.20"
          },
          {
            "model": "anyconnect secure mobility client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.1"
          },
          {
            "model": "systems esp32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "micros handheld terminal 2.03.0.0.021r",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "38000"
          },
          {
            "model": "pyxis parx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dx70",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1.9"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2141"
          },
          {
            "model": "pyxis anesthesia es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "aironet series officeextend access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18100"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.55.3000"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0"
          },
          {
            "model": "meraki mr66",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2131"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.2"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18300"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.0.50.1004"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.1.0"
          },
          {
            "model": "wap321 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic iwlan-pb/link",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "aironet 1810w series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "meraki mr52",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airmesh msr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.20"
          },
          {
            "model": "watchos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "model": "contact fl wlan ec",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.8"
          },
          {
            "model": "systems esp8266",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "pad-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.0.1205"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88610"
          },
          {
            "model": "clarity engine",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0.0.1"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15600"
          },
          {
            "model": "windows for 32-bit systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.5"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.8"
          },
          {
            "model": "windows for x64-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "meraki mr58",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.2"
          },
          {
            "model": "pyxis parassist system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "windows server for 32-bit systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0"
          },
          {
            "model": "simatic mobile panel 277 iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "pyxis medstation t2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.0.0"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "30xx0"
          },
          {
            "model": "enterprise linux for power big endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.6"
          },
          {
            "model": "wireless client bridge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "5010"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.5"
          },
          {
            "model": "meraki mr11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.3"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.2"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "35000"
          },
          {
            "model": "automation stratix 15.3 jc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rockwell",
            "version": "5100"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "pyxis ciisafe workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "??0"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.0.0"
          },
          {
            "model": "ipad air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "model": "enterprise linux for scientific computing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1.71.3608"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.41.3024"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "model": "dx80",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.0"
          },
          {
            "model": "contact bl2 ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "contact tpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "60130"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1"
          },
          {
            "model": "ck70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.20"
          },
          {
            "model": "macbook pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.8"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.5"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.4"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.3"
          },
          {
            "model": "tab-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "macmini",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.16"
          },
          {
            "model": "contact fl wlan epa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "airport time capsule",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "alliance wpa2 (wi-fi protected access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wi fi",
            "version": "2)0"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.9"
          },
          {
            "model": "scalance wlc711",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "ruggedcom rs9xxw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.15"
          },
          {
            "model": "networks unifi access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubiquiti",
            "version": "0"
          },
          {
            "model": "suremark printer 2cr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88650"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "asa 5506w-x w/ firepower services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.9"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3005"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.0.0.0"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2010"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "14.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "16.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "17.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "8.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "9.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux desktop",
            "version": "7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.7.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.7.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux point of sale",
            "version": "11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "12"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "openstack cloud",
            "version": "6"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009173"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-383"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13080"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13080"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
        "sources": [
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-383"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2017-13080",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 5.5,
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "LOW",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.9,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2017-13080",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CNVD-2017-30403",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT_NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.6,
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.3,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2017-13080",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-13080",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-30403",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201710-383",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-13080",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13080"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009173"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-383"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13080"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). WPA2  is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2017-12-6-3 watchOS 4.2\n\nwatchOS 4.2 addresses the following:\n\nIOSurface\nAvailable for: All Apple Watch models\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2017-13861: Ian Beer of Google Project Zero\n\nKernel\nAvailable for: All Apple Watch models\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2017-13862: Apple\nCVE-2017-13876: Ian Beer of Google Project Zero\n\nKernel\nAvailable for: All Apple Watch models\nImpact: An application may be able to read restricted memory\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2017-13833: Brandon Azad\n\nKernel\nAvailable for: All Apple Watch models\nImpact: An application may be able to read restricted memory\nDescription: A type confusion issue was addressed with improved\nmemory handling. \nCVE-2017-13855: Jann Horn of Google Project Zero\n\nKernel\nAvailable for: All Apple Watch models\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2017-13867: Ian Beer of Google Project Zero\n\nKernel\nAvailable for: All Apple Watch models\nImpact: An application may be able to read restricted memory\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2017-13865: Ian Beer of Google Project Zero\nCVE-2017-13868: Brandon Azad\nCVE-2017-13869: Jann Horn of Google Project Zero\n\nWi-Fi\nAvailable for: Apple Watch (1st Generation) and Apple Watch Series 3\nReleased for Apple Watch Series 1 and Apple Watch Series 2 in\nwatchOS 4.1. This was addressed with improved state management. \nCVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\n\nInstallation note:\n\nInstructions on how to update your Apple Watch software are\navailable at https://support.apple.com/kb/HT204641\n\nTo check the version on your Apple Watch, open the Apple Watch app\non your iPhone and select \"My Watch \u003e General \u003e About\". \n\nAlternatively, on your watch, select \"My Watch \u003e General \u003e About\". Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. \nCVE-2017-13804: @qwertyoruiopz at KJC Research Intl. S.R.L. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n********************************************************************\nTitle: Microsoft Security Update Releases\nIssued: October 17, 2017\n********************************************************************\n\nSummary\n=======\n\nThe following CVE has undergone a major revision increment. \n\n* ADV170018\n\n\nCVE Revision Information:\n=====================\n\nCVE-2017-13080\n\n - Title: ADV170018 | October 2017 Flash Update\n - https://portal.msrc.microsoft.com/en-us/security-guidance\n - Reason for Revision: The October Adobe Flash Security Update is \n   available for installation. See https://support.microsoft.com/\n   en-us/help/4049179 for more information. \n - Originally posted: October 17, 2017  \n - Updated: N/A \n - CVE Severity Rating: Critical\n - Version: 1.0\n\n\nOther Information\n=================\n\nRecognize and avoid fraudulent email to Microsoft customers:\n=============================================================\nIf you receive an email message that claims to be distributing \na Microsoft security update, it is a hoax that may contain \nmalware or pointers to malicious websites. Microsoft does \nnot distribute security updates via email. \n\nThe Microsoft Security Response Center (MSRC) uses PGP to digitally \nsign all security notifications. However, PGP is not required for \nreading security notifications, reading security bulletins, or \ninstalling security updates. You can obtain the MSRC public PGP key\nat \u003chttps://technet.microsoft.com/security/dn753714\u003e. \n\n********************************************************************\nTHE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS\nPROVIDED \"AS IS\" WITHOUT WARRANTY OF ANY KIND. MICROSOFT\nDISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING\nTHE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\nPURPOSE. \nIN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE\nLIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,\nINCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL\nDAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN\nADVISED OF THE POSSIBILITY OF SUCH DAMAGES. \nSOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY\nFOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING\nLIMITATION MAY NOT APPLY. \n********************************************************************\n\nMicrosoft respects your privacy. Please read our online Privacy\nStatement at \u003chttp://go.microsoft.com/fwlink/?LinkId=81184\u003e. \n\nIf you would prefer not to receive future technical security\nnotification alerts by email from Microsoft and its family of\ncompanies please visit the following website to unsubscribe:\n\u003chttps://profile.microsoft.com/RegSysProfileCenter/subscriptionwizar\nd.aspx?wizid=5a2a311b-5189-4c9b-9f1a-d5e913a26c2e\u0026%3blcid=1033\u003e. \n\nThese settings will not affect any newsletters youave requested or\nany mandatory service communications that are considered part of\ncertain Microsoft services. \n\nFor legal Information, see:\n\u003chttp://www.microsoft.com/info/legalinfo/default.mspx\u003e. \n\nThis newsletter was sent by:\nMicrosoft Corporation\n1 Microsoft Way\nRedmond, Washington, USA\n98052\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 10.2.0 (Build 1950) - not licensed for commercial use: www.pgp.com\nCharset: utf-8\n\nwsFVAwUBWeY7FvsCXwi14Wq8AQibMw/9HB/Dclpw74jADq8uMxo5mm+ZFGZ9gXqW\npTdHL3HrzNqzsM/7oq1sYdzVqN2j35pXMpPmJnjt9ewhma0G+IKwwtu7efFelhUd\nbEB8o5KLREJJLnDVHWAfAEVvFqx15E7hbQdjQdwvK+fT26W7QwyyUnQt9akTR9bS\nv3B/GKLuacopPD7G/+v3g2N51NBbp1STidNTbOqbExK/UDqZBbkLs4XoC6FORXMY\nkdUzSuWPuDVQneqOpQlC9O2M7+f6qWWdVG67F44tD6e575eToCf0LVjsLIPEMx06\niuK0alu4HnUi3mwTpruwkrFANJlL0y6o6uwfBt/QQ/RQoe6EeBmQOvFB6jTa8fQ7\nydHIMTKgxCJQMzUGrrkr0F+M0S0yZkW5Pq90eZxLtvxAypJSbPlH3ET4h4hIeuqv\n38eOg5Pb5FkBdaMaP0VqeI/k/Ur5TRHvLSBWp5jgZi6CMKb8srfTmR53vs5Igtgb\nTsh10G0bXAExWWE/pqmQs+rW03/ElM5JoH8/wS9tG4M3UNvsnR2CUz2KbIvQcJFt\nDG34sh3Z5HztbGmkWUxWwORcUrvW0U6DnP1U4D6uSmcSZrO5dwIHTIA4kECw7Ret\nSjhMDbo9s2Y75VBb1ilIbQY3AnzT2q2j6t3kJnyh3IjmMP96bhmdF1FF4apToAUv\nTVE4JSTK9HY=\n=G8zY\n-----END PGP SIGNATURE-----\n. ==========================================================================\nUbuntu Security Notice USN-3505-1\nDecember 06, 2017\n\nlinux-firmware vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.10\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in linux-firmware. \n\nSoftware Description:\n- linux-firmware: Firmware for Linux kernel drivers\n\nDetails:\n\nMathy Vanhoef discovered that the firmware for several Intel WLAN\ndevices incorrectly handled WPA2 in relation to Wake on WLAN. (CVE-2017-13080, CVE-2017-13081)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.10:\n  linux-firmware                  1.169.1\n\nUbuntu 17.04:\n  linux-firmware                  1.164.2\n\nUbuntu 16.04 LTS:\n  linux-firmware                  1.157.14\n\nUbuntu 14.04 LTS:\n  linux-firmware                  1.127.24\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa                                        Security Advisory\n                                                          The FreeBSD Project\n\nTopic:          WPA2 protocol vulnerability\n\nCategory:       contrib\nModule:         wpa\nAnnounced:      2017-10-16\nCredits:        Mathy Vanhoef\nAffects:        All supported versions of FreeBSD. \nCorrected:      2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n                2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n                2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n                2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n                2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n                2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name:       CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n                CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n                CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0.   Revision history\n\nv1.0  2017-10-17 Initial release. \nv1.1  2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII.  Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV.  Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch.  Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI.  Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path                                                      Revision\n- -------------------------------------------------------------------------\nstable/11/                                                        r324697\nreleng/11.0/                                                      r324698\nreleng/11.1/                                                      r324699\nstable/10/                                                        r324739\nreleng/10.3/                                                      r324740\nreleng/10.4/                                                      r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13080"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009173"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "IVD",
            "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13080"
          },
          {
            "db": "PACKETSTORM",
            "id": "145272"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144828"
          },
          {
            "db": "PACKETSTORM",
            "id": "145430"
          },
          {
            "db": "PACKETSTORM",
            "id": "145273"
          },
          {
            "db": "PACKETSTORM",
            "id": "144666"
          },
          {
            "db": "PACKETSTORM",
            "id": "145228"
          },
          {
            "db": "PACKETSTORM",
            "id": "144829"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          }
        ],
        "trust": 4.23
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-13080",
            "trust": 4.5
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519",
            "trust": 4.2
          },
          {
            "db": "BID",
            "id": "101274",
            "trust": 2.6
          },
          {
            "db": "LENOVO",
            "id": "LEN-17420",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1039703",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039572",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039573",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039576",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039577",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039578",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039581",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039585",
            "trust": 1.7
          },
          {
            "db": "SIEMENS",
            "id": "SSA-901333",
            "trust": 1.7
          },
          {
            "db": "CERT@VDE",
            "id": "VDE-2017-003",
            "trust": 1.7
          },
          {
            "db": "CERT@VDE",
            "id": "VDE-2017-005",
            "trust": 1.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-18-114-01",
            "trust": 1.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-19-029-01",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-353-02",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-01",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-325-01",
            "trust": 1.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-383",
            "trust": 0.8
          },
          {
            "db": "JUNIPER",
            "id": "JSA10827",
            "trust": 0.8
          },
          {
            "db": "DLINK",
            "id": "SAP10075",
            "trust": 0.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02A",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU94846424",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU90609033",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009173",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.3967",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.4125",
            "trust": 0.6
          },
          {
            "db": "LENOVO",
            "id": "LEN-45682",
            "trust": 0.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-299-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "52CDA2A8-8175-413F-97BB-CF2E4C75F7C4",
            "trust": 0.2
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13080",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145272",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144630",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144828",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145430",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145273",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144666",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145228",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144829",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144669",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13080"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009173"
          },
          {
            "db": "PACKETSTORM",
            "id": "145272"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144828"
          },
          {
            "db": "PACKETSTORM",
            "id": "145430"
          },
          {
            "db": "PACKETSTORM",
            "id": "145273"
          },
          {
            "db": "PACKETSTORM",
            "id": "144666"
          },
          {
            "db": "PACKETSTORM",
            "id": "145228"
          },
          {
            "db": "PACKETSTORM",
            "id": "144829"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-383"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13080"
          }
        ]
      },
      "id": "VAR-201710-0207",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403"
          }
        ],
        "trust": 1.3965711281818183
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403"
          }
        ]
      },
      "last_update_date": "2024-07-23T20:12:56.623000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "ARUBA-PSA-2017-007",
            "trust": 0.8,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
          },
          {
            "title": "DSA-3999",
            "trust": 0.8,
            "url": "https://www.debian.org/security/2017/dsa-3999"
          },
          {
            "title": "FreeBSD-SA-17:07.wpa",
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "title": "LEN-17420",
            "trust": 0.8,
            "url": "https://support.lenovo.com/jp/en/product_security/len-17420"
          },
          {
            "title": "NV17-024",
            "trust": 0.8,
            "url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
          },
          {
            "title": "openSUSE-SU-2017:2755",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "title": "SUSE-SU-2017:2745",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "title": "SUSE-SU-2017:2752",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
            "trust": 0.8,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "title": "RHSA-2017:2907",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/rhsa-2017:2907"
          },
          {
            "title": "RHSA-2017:2911",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/rhsa-2017:2911"
          },
          {
            "title": "CVE-2017-13080 | Windows Wireless WPA Group Key Reinstallation Vulnerability",
            "trust": 0.8,
            "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
          },
          {
            "title": "USN-3455-1",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/usn-3455-1/"
          },
          {
            "title": "WPA packet number reuse with replayed messages and key reinstallation",
            "trust": 0.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
          },
          {
            "title": "CVE-2017-13080 | Windows Wireless WPA Group Key Reinstallation Vulnerability",
            "trust": 0.8,
            "url": "https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/cve-2017-13080"
          },
          {
            "title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.iodata.jp/support/information/2017/wpa2/"
          },
          {
            "title": "\u7121\u7ddaLAN\u306e\u6697\u53f7\u5316\u901a\u4fe1\u898f\u683cWPA2\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://dynabook.com/assistpc/info/2017/201711_wpa2.htm"
          },
          {
            "title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/info/20171110/"
          },
          {
            "title": "Patch for WPA2 Wireless Network GTK Group Key Reload Vulnerability (CNVD-2017-30403)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/103821"
          },
          {
            "title": "Multiple WiFi product WPA2 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75497"
          },
          {
            "title": "Red Hat: Important: wpa_supplicant security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172911 - security advisory"
          },
          {
            "title": "Ubuntu Security Notice: linux-firmware vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3505-1"
          },
          {
            "title": "Red Hat: Important: wpa_supplicant security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172907 - security advisory"
          },
          {
            "title": "Red Hat: CVE-2017-13080",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-13080"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2017-13080"
          },
          {
            "title": "Apple: Wi-Fi Update for Boot Camp 6.4.0",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=4dc3bb86865485e4364fd6b2dc2fc379"
          },
          {
            "title": "Apple: watchOS 4.1",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=345c3fa8a313cd9a1ced5ef372c465c4"
          },
          {
            "title": "Apple: AirPort Base Station Firmware Update 7.6.9",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=43d8dcf7961e20b6ec02761d12969c19"
          },
          {
            "title": "Apple: AirPort Base Station Firmware Update 7.7.9",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7ca8130f8030911575aa17c0e84114dd"
          },
          {
            "title": "Debian CVElist Bug Report Logs: firmware-brcm80211: BroadPwn vulnerability CVE-2017-9417",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=2e0affd9108e95fa2aa2c706c74cd8a9"
          },
          {
            "title": "Ubuntu Security Notice: wpa vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3455-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
          },
          {
            "title": "Apple: tvOS 11.1",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7a8e908aff7c02a31b2d335766e6d5c2"
          },
          {
            "title": "HP: HPSBHF03582 rev. 2 - KRACK Vulnerability Affecting WPA2 Wireless Security",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbhf03582"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-23"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-22"
          },
          {
            "title": "HP: HPSBPI03574 rev. 1 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbpi03574"
          },
          {
            "title": "Siemens Security Advisories: Siemens Security Advisory",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
          },
          {
            "title": "Apple: iOS 11.2",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=75d972e5e0d4b4019a5bb869f1befb00"
          },
          {
            "title": "HP: HPSBHF03697 rev. 1 - Intel\u00ae PROSet/Wireless WiFi Software November 2020 Security Updates",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbhf03697"
          },
          {
            "title": "Apple: tvOS 11.2",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=8d9ba2a4e31c3f4387eccea1c1dbc99c"
          },
          {
            "title": "Apple: watchOS 4.2",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=8658f9579768b2f61d8a0c0f1d03ed58"
          },
          {
            "title": "Apple: iOS 11.1",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7814c280e80969d4c4d88f74b13290f2"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
          },
          {
            "title": "Apple: macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=8e90004e437eabc9a0809772bb0707c4"
          },
          {
            "title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
          },
          {
            "title": "HP: HPSBHF03571 rev. 6  -  Intel Management Engine Cumulative Security update and fix for WPA2 vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbhf03571"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
          },
          {
            "title": "Apple: macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=870f3f04ef17f7b183f74ae687a1561d"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
          },
          {
            "title": "vanhoefm-krackattacks-scripts",
            "trust": 0.1,
            "url": "https://github.com/84kaliplexon3/vanhoefm-krackattacks-scripts "
          },
          {
            "title": "krankattack",
            "trust": 0.1,
            "url": "https://github.com/devkosov/krankattack "
          },
          {
            "title": "krackattacks-scripts",
            "trust": 0.1,
            "url": "https://github.com/vanhoefm/krackattacks-scripts "
          },
          {
            "title": "KRACK",
            "trust": 0.1,
            "url": "https://github.com/chinatso/krack "
          },
          {
            "title": "krackinfo",
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo "
          },
          {
            "title": "nixos-issue-db-example",
            "trust": 0.1,
            "url": "https://github.com/andir/nixos-issue-db-example "
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13080"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009173"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-383"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-330",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-254",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009173"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13080"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.6,
            "url": "https://www.krackattacks.com/"
          },
          {
            "trust": 3.5,
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "trust": 3.3,
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "trust": 2.8,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
          },
          {
            "trust": 2.8,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
          },
          {
            "trust": 2.8,
            "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
          },
          {
            "trust": 2.5,
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "trust": 2.5,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "trust": 2.1,
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "trust": 2.1,
            "url": "https://access.redhat.com/errata/rhsa-2017:2911"
          },
          {
            "trust": 2.0,
            "url": "https://access.redhat.com/errata/rhsa-2017:2907"
          },
          {
            "trust": 2.0,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039585"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039572"
          },
          {
            "trust": 1.7,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "trust": 1.7,
            "url": "https://support.lenovo.com/us/en/product_security/len-17420"
          },
          {
            "trust": 1.7,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 1.7,
            "url": "http://www.ubuntu.com/usn/usn-3455-1"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039703"
          },
          {
            "trust": 1.7,
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208222"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208221"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208220"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208219"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208334"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208327"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208325"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "trust": 1.7,
            "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
          },
          {
            "trust": 1.7,
            "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03792en_us"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "trust": 1.7,
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "trust": 1.7,
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
          },
          {
            "trust": 1.7,
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html"
          },
          {
            "trust": 1.7,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
          },
          {
            "trust": 1.2,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
          },
          {
            "trust": 1.1,
            "url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
          },
          {
            "trust": 1.1,
            "url": "https://w1.fi/security/2017-1/"
          },
          {
            "trust": 1.1,
            "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
          },
          {
            "trust": 0.8,
            "url": "https://cwe.mitre.org/data/definitions/323.html"
          },
          {
            "trust": 0.8,
            "url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
          },
          {
            "trust": 0.8,
            "url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.al-enterprise.com/en/support/security-alert-krack"
          },
          {
            "trust": 0.8,
            "url": "https://support.apple.com/en-gb/ht208222"
          },
          {
            "trust": 0.8,
            "url": "https://security.archlinux.org/avg-447"
          },
          {
            "trust": 0.8,
            "url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
          },
          {
            "trust": 0.8,
            "url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
          },
          {
            "trust": 0.8,
            "url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
          },
          {
            "trust": 0.8,
            "url": "https://community.cypress.com/docs/doc-13871"
          },
          {
            "trust": 0.8,
            "url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
          },
          {
            "trust": 0.8,
            "url": "http://www.dell.com/support/article/sln307822"
          },
          {
            "trust": 0.8,
            "url": "https://github.com/espressif/esp8266_nonos_sdk"
          },
          {
            "trust": 0.8,
            "url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
          },
          {
            "trust": 0.8,
            "url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
          },
          {
            "trust": 0.8,
            "url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
          },
          {
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 0.8,
            "url": "https://bugs.gentoo.org/634440"
          },
          {
            "trust": 0.8,
            "url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
          },
          {
            "trust": 0.8,
            "url": "https://kb.juniper.net/jsa10827"
          },
          {
            "trust": 0.8,
            "url": "https://support.lenovo.com/ca/en/product_security/len-17420"
          },
          {
            "trust": 0.8,
            "url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
          },
          {
            "trust": 0.8,
            "url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
          },
          {
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
          },
          {
            "trust": 0.8,
            "url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
          },
          {
            "trust": 0.8,
            "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
          },
          {
            "trust": 0.8,
            "url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
          },
          {
            "trust": 0.8,
            "url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
          },
          {
            "trust": 0.8,
            "url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
          },
          {
            "trust": 0.8,
            "url": "https://community.sophos.com/kb/en-us/127658"
          },
          {
            "trust": 0.8,
            "url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
          },
          {
            "trust": 0.8,
            "url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
          },
          {
            "trust": 0.8,
            "url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
          },
          {
            "trust": 0.8,
            "url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
          },
          {
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/usn-3455-1/"
          },
          {
            "trust": 0.8,
            "url": "http://en.miui.com/thread-954223-1-1.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
          },
          {
            "trust": 0.8,
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
          },
          {
            "trust": 0.8,
            "url": "https://community.rsa.com/docs/doc-84103"
          },
          {
            "trust": 0.8,
            "url": "https://support.f5.com/csp/article/k23642330"
          },
          {
            "trust": 0.8,
            "url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
          },
          {
            "trust": 0.8,
            "url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
          },
          {
            "trust": 0.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
          },
          {
            "trust": 0.8,
            "url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu90609033/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/vu/jvnvu94846424/"
          },
          {
            "trust": 0.8,
            "url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
          },
          {
            "trust": 0.6,
            "url": "https://www.kb.cert.org/vuls/id/228519/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.3967/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
          },
          {
            "trust": 0.6,
            "url": "https://support.lenovo.com/us/en/product_security/len-45682"
          },
          {
            "trust": 0.5,
            "url": "https://support.apple.com/kb/ht201222"
          },
          {
            "trust": 0.5,
            "url": "https://www.apple.com/support/security/pgp/"
          },
          {
            "trust": 0.3,
            "url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
          },
          {
            "trust": 0.3,
            "url": "http://www.wi-fi.org/index.php"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-ie/ht208847"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208334"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208327"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208325"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13077"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13078"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13079"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13080"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13081"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13082"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13084"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13086"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13087"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13088"
          },
          {
            "trust": 0.3,
            "url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13865"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13868"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13876"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13862"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13869"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13833"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13861"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13867"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13855"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
          },
          {
            "trust": 0.2,
            "url": "https://support.apple.com/kb/ht204641"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13799"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13849"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13804"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/330.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/3505-1/"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13798"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13796"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13803"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13793"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13791"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13802"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13792"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13795"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13785"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13784"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13794"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13783"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13788"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13866"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7156"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13856"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13870"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7157"
          },
          {
            "trust": 0.1,
            "url": "http://www.microsoft.com/info/legalinfo/default.mspx\u003e."
          },
          {
            "trust": 0.1,
            "url": "http://go.microsoft.com/fwlink/?linkid=81184\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://www.pgp.com"
          },
          {
            "trust": 0.1,
            "url": "https://portal.msrc.microsoft.com/en-us/security-guidance"
          },
          {
            "trust": 0.1,
            "url": "https://support.microsoft.com/"
          },
          {
            "trust": 0.1,
            "url": "https://technet.microsoft.com/security/dn753714\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://profile.microsoft.com/regsysprofilecenter/subscriptionwizar"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.169.1"
          },
          {
            "trust": 0.1,
            "url": "https://www.ubuntu.com/usn/usn-3505-1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.164.2"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.157.14"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.127.24"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://www.krackattacks.com/\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
          },
          {
            "trust": 0.1,
            "url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13080"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009173"
          },
          {
            "db": "PACKETSTORM",
            "id": "145272"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144828"
          },
          {
            "db": "PACKETSTORM",
            "id": "145430"
          },
          {
            "db": "PACKETSTORM",
            "id": "145273"
          },
          {
            "db": "PACKETSTORM",
            "id": "144666"
          },
          {
            "db": "PACKETSTORM",
            "id": "145228"
          },
          {
            "db": "PACKETSTORM",
            "id": "144829"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-383"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13080"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13080"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009173"
          },
          {
            "db": "PACKETSTORM",
            "id": "145272"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144828"
          },
          {
            "db": "PACKETSTORM",
            "id": "145430"
          },
          {
            "db": "PACKETSTORM",
            "id": "145273"
          },
          {
            "db": "PACKETSTORM",
            "id": "144666"
          },
          {
            "db": "PACKETSTORM",
            "id": "145228"
          },
          {
            "db": "PACKETSTORM",
            "id": "144829"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-383"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13080"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-17T00:00:00",
            "db": "IVD",
            "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30403"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13080"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2017-11-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009173"
          },
          {
            "date": "2017-12-08T15:55:55",
            "db": "PACKETSTORM",
            "id": "145272"
          },
          {
            "date": "2017-10-16T13:49:34",
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "date": "2017-11-01T15:44:40",
            "db": "PACKETSTORM",
            "id": "144828"
          },
          {
            "date": "2017-12-15T04:44:44",
            "db": "PACKETSTORM",
            "id": "145430"
          },
          {
            "date": "2017-12-08T14:55:55",
            "db": "PACKETSTORM",
            "id": "145273"
          },
          {
            "date": "2017-10-18T10:11:11",
            "db": "PACKETSTORM",
            "id": "144666"
          },
          {
            "date": "2017-12-06T22:22:00",
            "db": "PACKETSTORM",
            "id": "145228"
          },
          {
            "date": "2017-11-01T15:46:36",
            "db": "PACKETSTORM",
            "id": "144829"
          },
          {
            "date": "2017-10-19T14:28:55",
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-383"
          },
          {
            "date": "2017-10-17T13:29:00.397000",
            "db": "NVD",
            "id": "CVE-2017-13080"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30403"
          },
          {
            "date": "2020-11-10T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13080"
          },
          {
            "date": "2019-02-21T09:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2019-02-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009173"
          },
          {
            "date": "2021-12-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-383"
          },
          {
            "date": "2020-11-10T21:15:12.267000",
            "db": "NVD",
            "id": "CVE-2017-13080"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-383"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "security feature problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-383"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-0206

    Vulnerability from variot - Updated: 2024-07-23 19:26

    Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network has a PTK-TK key reload vulnerability in the fourth handshake. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Important: wpa_supplicant security update Advisory ID: RHSA-2017:2907-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2907 Issue date: 2017-10-17 CVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 =====================================================================

    1. Summary:

    An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64

    1. Description:

    The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Red Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter of these issues.

    1. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1491692 - CVE-2017-13077 wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake 1491693 - CVE-2017-13078 wpa_supplicant: Reinstallation of the group key in the 4-way handshake 1491696 - CVE-2017-13080 wpa_supplicant: Reinstallation of the group key in the group key handshake 1491698 - CVE-2017-13082 wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it 1500302 - CVE-2017-13086 wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake 1500303 - CVE-2017-13087 wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame 1500304 - CVE-2017-13088 wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame

    1. Package List:

    Red Hat Enterprise Linux Client (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    aarch64: wpa_supplicant-2.6-5.el7_4.1.aarch64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm

    ppc64: wpa_supplicant-2.6-5.el7_4.1.ppc64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm

    ppc64le: wpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm

    s390x: wpa_supplicant-2.6-5.el7_4.1.s390x.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2017-13077 https://access.redhat.com/security/cve/CVE-2017-13078 https://access.redhat.com/security/cve/CVE-2017-13080 https://access.redhat.com/security/cve/CVE-2017-13082 https://access.redhat.com/security/cve/CVE-2017-13086 https://access.redhat.com/security/cve/CVE-2017-13087 https://access.redhat.com/security/cve/CVE-2017-13088 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kracks

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iD8DBQFZ5nilXlSAg2UNWIIRAu7RAJwO3CwWfh61xybvjdxlG0Iqd17JpwCcD5FK 5vz/c6aXRYIJEjVFKVqkVU0= =rSjV -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

    APPLE-SA-2017-12-12-2 AirPort Base Station Firmware Update 7.7.9

    AirPort Base Station Firmware Update 7.7.9 is now available and addresses the following:

    AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence

    AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients (Key Reinstallation Attacks - KRACK) Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management. CVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU Leuven CVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

    AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker in Wi-Fi range may force nonce reuse in WPA multicast/GTK clients (Key Reinstallation Attacks - KRACK) Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management. CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

    Installation note:

    Firmware version 7.7.9 is installed on AirPort Extreme or AirPort Time Capsule base stations with 802.11ac using AirPort Utility for Mac or iOS.

    AirPort Utility for Mac is a free download from https://support.apple.com/downloads/ and AirPort Utility for iOS is a free download from the App Store. CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

    Installation note:

    Wi-Fi Update for Boot Camp 6.4.0 may be obtained from Apple Software Update for Windows. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).

    An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.

    For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.

    For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.

    For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.

    We recommend that you upgrade your wpa packages. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017

    wpa vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 17.04
    • Ubuntu 16.04 LTS
    • Ubuntu 14.04 LTS

    Summary:

    Several security issues were fixed in wpa_supplicant.

    Software Description: - wpa: client support for WPA and WPA2

    Details:

    Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1

    Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2

    Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5

    After a standard system update you need to reboot your computer to make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201711-03


                                           https://security.gentoo.org/
    

    Severity: Normal Title: hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks Date: November 10, 2017 Bugs: #634436, #634438 ID: 201711-03


    Synopsis

    A flaw was discovered in the 4-way handshake in hostapd and wpa_supplicant that allows attackers to conduct a Man in the Middle attack. hostapd is a user space daemon for access point and authentication servers.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 net-wireless/hostapd < 2.6-r1 >= 2.6-r1 2 net-wireless/wpa_supplicant < 2.6-r3 >= 2.6-r3 ------------------------------------------------------------------- 2 affected packages

    Description

    WiFi Protected Access (WPA and WPA2) and it's associated technologies are all vulnerable to the KRACK attacks. Please review the referenced CVE identifiers for details.

    Impact

    An attacker can carry out the KRACK attacks on a wireless network in order to gain access to network clients. Once achieved, the attacker can potentially harvest confidential information (e.g. HTTP/HTTPS), inject malware, or perform a myriad of other attacks.

    Workaround

    There is no known workaround at this time.

    Resolution

    All hostapd users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-wireless/hostapd-2.6-r1"

    All wpa_supplicant users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot -v ">=net-wireless/wpa_supplicant-2.6-r3"

    References

    [ 1 ] CVE-2017-13077 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13077 [ 2 ] CVE-2017-13078 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13078 [ 3 ] CVE-2017-13079 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13079 [ 4 ] CVE-2017-13080 . 6) - i386, x86_64

    Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+

    Where to find the new packages: +-----------------------------+

    Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

    Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

    Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz

    Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz

    Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz

    Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz

    Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz

    MD5 signatures: +-------------+

    Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz

    Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz

    Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz

    Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz

    Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz

    Installation instructions: +------------------------+

    Upgrade the package as root:

    upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz

    +-----+

    Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

    +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0206",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "linux enterprise point of sale",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "openstack cloud",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "6"
          },
          {
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.7"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "9front",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "adtran",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "actiontec",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aerohive",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "alcatel lucent",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "android open source",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "arch linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aruba",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "barracuda",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "broadcom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cambium",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "centos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cradlepoint",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cypress semiconductor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dell",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "digi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "draytek",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "edimax computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "endian",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "espressif",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "extreme",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "f secure",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fedora",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hostap",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ipfire",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lancom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lede",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lifx",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lenovo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microchip",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mojo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nest",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opnsense",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "omnirom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "open mesh",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "peplink",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "riverbed",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rockwell automation",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "suse linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "samsung mobile",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sierra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sonos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sony",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sophos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "synology",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "tp link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "texas instruments",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba commerce",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba electronic devices storage",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba memory",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "turris omnia",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubiquiti",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "volumio",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "watchguard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xiaomi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xirrus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zebra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dd wrt",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "eero",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pfsense",
            "version": null
          },
          {
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "model": "freebsd",
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": "leap",
            "scope": null,
            "trust": 0.8,
            "vendor": "opensuse",
            "version": null
          },
          {
            "model": "linux enterprise desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise point of sale",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise server",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "openstack cloud",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "hostapd",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "wpa supplicant",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "edge gateway",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "model": "sr-m20ac1",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "sr-m20ac2",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "alliance wi-fi protected access 2",
            "scope": null,
            "trust": 0.6,
            "vendor": "wi fi",
            "version": null
          },
          {
            "model": "alliance w1.f1 wpa supplicant",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "wi fi",
            "version": "2.6"
          },
          {
            "model": "scalance w-700",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux desktop",
            "version": "12"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux server",
            "version": "11"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.1"
          },
          {
            "model": "pyxis supplystation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "sinamics smart access module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "v200"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.27.3264"
          },
          {
            "model": "meraki mr34",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ck71a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2.0"
          },
          {
            "model": "macbook air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18500"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.0"
          },
          {
            "model": "meraki mr26",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "28000"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr84",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "510x0"
          },
          {
            "model": "windows server r2 for itanium-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "contact itc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "81130"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.0.0"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr18",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.3"
          },
          {
            "model": "scalance w1750d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "secure ii med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "210x0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "aironet access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "wap371 wireless-ac n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "contact rad-80211-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "contact fl wlan dap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.25"
          },
          {
            "model": "pyxis medstation es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "wireless ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88210"
          },
          {
            "model": "pyxis stockstation system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "macbook",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.2"
          },
          {
            "model": "scalance wlc712",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "contact fl wlan spa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "meraki mr62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic et200 pro im154-6 pn iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "tropos broadband mesh routers and bridges",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "abb",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.2"
          },
          {
            "model": "meraki mr33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "micros handheld terminal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.2"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4.1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.6"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "110x0"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.4"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": "contact fl comserver wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "232/422/4850"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.8"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7."
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1.91.3272"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.9"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "230802-110"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.1"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr14",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.5"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18150"
          },
          {
            "model": "wireless client bridge 2.0.0.1-aruba501-b00",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.2"
          },
          {
            "model": "airport express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr16",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "clarity engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0"
          },
          {
            "model": "meraki mr30h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "windows server r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "model": "contact bl2 bpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "enterprise linux for ibm z systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "watch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "4.0"
          },
          {
            "model": "ruggedcom rx1400",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "cn70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "pyxis parx handheld",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.40.100"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1.1"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "windows rt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.1"
          },
          {
            "model": "meraki mr42",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.6"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.3"
          },
          {
            "model": "wap561 wireless-n dual radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.26.3000"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6"
          },
          {
            "model": "tvos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2016"
          },
          {
            "model": "contact rad-whg/wlan-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.3"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.4.0"
          },
          {
            "model": "suremark printer 2nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "enterprise linux for power little endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.0.0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.8"
          },
          {
            "model": "windows server for x64-based systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "pyxis supply roller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.3"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3"
          },
          {
            "model": "telepresence collaboration endpoint",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2.61.3535"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "70xx0"
          },
          {
            "model": "imac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr72",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.25.3001"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2"
          },
          {
            "model": "meraki mr53",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "wap551 wireless-n single radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.0.0"
          },
          {
            "model": "wap121 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.5"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.0.1000"
          },
          {
            "model": "wireless client bridge 1.0.1.3-hp501-b0012",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "i.roc ci70-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.0.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1"
          },
          {
            "model": "cn70e-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.0.0.0"
          },
          {
            "model": "meraki mr24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "suremark printer 1nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "50xx0"
          },
          {
            "model": "meraki mr74",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.15"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.20"
          },
          {
            "model": "anyconnect secure mobility client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.1"
          },
          {
            "model": "systems esp32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "micros handheld terminal 2.03.0.0.021r",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "38000"
          },
          {
            "model": "pyxis parx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dx70",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1.9"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2141"
          },
          {
            "model": "pyxis anesthesia es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "aironet series officeextend access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18100"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.55.3000"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0"
          },
          {
            "model": "meraki mr66",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2131"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.2"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18300"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.0.50.1004"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.1.0"
          },
          {
            "model": "wap321 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic iwlan-pb/link",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "aironet 1810w series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "meraki mr52",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airmesh msr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.20"
          },
          {
            "model": "watchos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "model": "contact fl wlan ec",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.8"
          },
          {
            "model": "systems esp8266",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "pad-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.0.1205"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88610"
          },
          {
            "model": "clarity engine",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0.0.1"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15600"
          },
          {
            "model": "windows for 32-bit systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.5"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.8"
          },
          {
            "model": "windows for x64-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "meraki mr58",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.2"
          },
          {
            "model": "pyxis parassist system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "windows server for 32-bit systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0"
          },
          {
            "model": "simatic mobile panel 277 iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "pyxis medstation t2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.0.0"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "30xx0"
          },
          {
            "model": "enterprise linux for power big endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.6"
          },
          {
            "model": "wireless client bridge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "5010"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.5"
          },
          {
            "model": "meraki mr11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.3"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.2"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "35000"
          },
          {
            "model": "automation stratix 15.3 jc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rockwell",
            "version": "5100"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "pyxis ciisafe workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "??0"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.0.0"
          },
          {
            "model": "ipad air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "model": "enterprise linux for scientific computing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1.71.3608"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.41.3024"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "model": "dx80",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.0"
          },
          {
            "model": "contact bl2 ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "contact tpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "60130"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1"
          },
          {
            "model": "ck70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.20"
          },
          {
            "model": "macbook pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.8"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.5"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.4"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.3"
          },
          {
            "model": "tab-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "macmini",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.16"
          },
          {
            "model": "contact fl wlan epa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "airport time capsule",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "alliance wpa2 (wi-fi protected access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wi fi",
            "version": "2)0"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.9"
          },
          {
            "model": "scalance wlc711",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "ruggedcom rs9xxw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.15"
          },
          {
            "model": "networks unifi access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubiquiti",
            "version": "0"
          },
          {
            "model": "suremark printer 2cr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88650"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "asa 5506w-x w/ firepower services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.9"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3005"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.0.0.0"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2010"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "14.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "16.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "17.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "8.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "9.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux desktop",
            "version": "7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.7.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.7.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux point of sale",
            "version": "11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "12"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "openstack cloud",
            "version": "6"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "69402209-7265-4991-8217-51ff9b4857be"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008412"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13077"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13077"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
        "sources": [
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2017-13077",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.4,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2017-13077",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CNVD-2017-30406",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "69402209-7265-4991-8217-51ff9b4857be",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT_NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.6,
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-13077",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-13077",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-30406",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201710-380",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "69402209-7265-4991-8217-51ff9b4857be",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-13077",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "69402209-7265-4991-8217-51ff9b4857be"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13077"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008412"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13077"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network has a PTK-TK key reload vulnerability in the fourth handshake. WPA2  is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: wpa_supplicant security update\nAdvisory ID:       RHSA-2017:2907-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2017:2907\nIssue date:        2017-10-17\nCVE Names:         CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 \n                   CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 \n                   CVE-2017-13088 \n=====================================================================\n\n1. Summary:\n\nAn update for wpa_supplicant is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe wpa_supplicant packages contain an 802.1X Supplicant with support for\nWEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication\nmethods. They implement key negotiation with a WPA Authenticator for client\nstations and controls the roaming and IEEE 802.11 authentication and\nassociation of the WLAN driver. A remote attacker within Wi-Fi range\ncould exploit these attacks to decrypt Wi-Fi traffic or possibly inject\nforged Wi-Fi packets by manipulating cryptographic handshakes used by the\nWPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nRed Hat would like to thank CERT for reporting these issues. Upstream\nacknowledges Mathy Vanhoef (University of Leuven) as the original reporter\nof these issues. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1491692 - CVE-2017-13077 wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake\n1491693 - CVE-2017-13078 wpa_supplicant: Reinstallation of the group key in the 4-way handshake\n1491696 - CVE-2017-13080 wpa_supplicant: Reinstallation of the group key in the group key handshake\n1491698 - CVE-2017-13082 wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it\n1500302 - CVE-2017-13086 wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake\n1500303 - CVE-2017-13087 wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame\n1500304 - CVE-2017-13088 wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\naarch64:\nwpa_supplicant-2.6-5.el7_4.1.aarch64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm\n\nppc64:\nwpa_supplicant-2.6-5.el7_4.1.ppc64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm\n\nppc64le:\nwpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm\n\ns390x:\nwpa_supplicant-2.6-5.el7_4.1.s390x.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-13077\nhttps://access.redhat.com/security/cve/CVE-2017-13078\nhttps://access.redhat.com/security/cve/CVE-2017-13080\nhttps://access.redhat.com/security/cve/CVE-2017-13082\nhttps://access.redhat.com/security/cve/CVE-2017-13086\nhttps://access.redhat.com/security/cve/CVE-2017-13087\nhttps://access.redhat.com/security/cve/CVE-2017-13088\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/kracks\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFZ5nilXlSAg2UNWIIRAu7RAJwO3CwWfh61xybvjdxlG0Iqd17JpwCcD5FK\n5vz/c6aXRYIJEjVFKVqkVU0=\n=rSjV\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2017-12-12-2 AirPort Base Station Firmware Update 7.7.9\n\nAirPort Base Station Firmware Update 7.7.9 is now available and\naddresses the following:\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker within range may be able to execute arbitrary\ncode on the Wi-Fi chip\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2017-9417: Nitay Artenstein of Exodus Intelligence\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker in Wi-Fi range may force nonce reuse in WPA\nunicast/PTK clients (Key Reinstallation Attacks - KRACK)\nDescription: A logic issue existed in the handling of state\ntransitions. This was addressed with improved state management. \nCVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\nCVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker in Wi-Fi range may force nonce reuse in WPA\nmulticast/GTK clients (Key Reinstallation Attacks - KRACK)\nDescription: A logic issue existed in the handling of state\ntransitions. This was addressed with improved state management. \nCVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\n\nInstallation note:\n\nFirmware version 7.7.9 is installed on AirPort Extreme or\nAirPort Time Capsule base stations with 802.11ac using\nAirPort Utility for Mac or iOS. \n\nAirPort Utility for Mac is a free download from\nhttps://support.apple.com/downloads/ and AirPort Utility for iOS\nis a free download from the App Store. \nCVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at\nKU Leuven\n\nInstallation note:\n\nWi-Fi Update for Boot Camp 6.4.0 may be obtained from Apple Software\nUpdate for Windows. Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n  hostapd                         2.4-0ubuntu9.1\n  wpasupplicant                   2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n  hostapd                         2.4-0ubuntu6.2\n  wpasupplicant                   2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n  hostapd                         2.1-0ubuntu1.5\n  wpasupplicant                   2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201711-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: hostapd and wpa_supplicant: Key Reinstallation (KRACK)\n           attacks\n     Date: November 10, 2017\n     Bugs: #634436, #634438\n       ID: 201711-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nA flaw was discovered in the 4-way handshake in hostapd and\nwpa_supplicant that allows attackers to conduct a Man in the Middle\nattack. hostapd is a user space daemon for access point and\nauthentication servers. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  net-wireless/hostapd         \u003c 2.6-r1                  \u003e= 2.6-r1 \n  2  net-wireless/wpa_supplicant\n                                  \u003c 2.6-r3                  \u003e= 2.6-r3 \n    -------------------------------------------------------------------\n     2 affected packages\n\nDescription\n===========\n\nWiFi Protected Access (WPA and WPA2) and it\u0027s associated technologies\nare all vulnerable to the KRACK attacks. Please review the referenced\nCVE identifiers for details. \n\nImpact\n======\n\nAn attacker can carry out the KRACK attacks on a wireless network in\norder to gain access to network clients. Once achieved, the attacker\ncan potentially harvest confidential information (e.g. HTTP/HTTPS),\ninject malware, or perform a myriad of other attacks. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll hostapd users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-wireless/hostapd-2.6-r1\"\n\nAll wpa_supplicant users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=net-wireless/wpa_supplicant-2.6-r3\"\n\nReferences\n==========\n\n[  1 ] CVE-2017-13077\n       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13077\n[  2 ] CVE-2017-13078\n       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13078\n[  3 ] CVE-2017-13079\n       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13079\n[  4 ] CVE-2017-13080\n. 6) - i386, x86_64\n\n3. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz:  Upgraded. \n  This update includes patches to mitigate the WPA2 protocol issues known\n  as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n  hijack TCP connections, and to forge and inject packets. \n  CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n    Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n    while processing it. \n  For more information, see:\n    https://www.krackattacks.com/\n    https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n  (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project!  :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019  wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825  wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0  wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352  wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185  wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4  wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe  n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160  n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list:                          |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message:                                                     |\n|                                                                        |\n|   unsubscribe slackware-security                                       |\n|                                                                        |\n| You will get a confirmation message back containing instructions to    |\n| complete the process.  Please do not reply to this email address",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13077"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008412"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "IVD",
            "id": "69402209-7265-4991-8217-51ff9b4857be"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13077"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "db": "PACKETSTORM",
            "id": "145395"
          },
          {
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "db": "PACKETSTORM",
            "id": "144659"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          }
        ],
        "trust": 4.23
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-13077",
            "trust": 4.5
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519",
            "trust": 4.2
          },
          {
            "db": "BID",
            "id": "101274",
            "trust": 2.6
          },
          {
            "db": "LENOVO",
            "id": "LEN-17420",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1039577",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039576",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039581",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039578",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039585",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039573",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1041432",
            "trust": 1.7
          },
          {
            "db": "CERT@VDE",
            "id": "VDE-2017-003",
            "trust": 1.7
          },
          {
            "db": "CERT@VDE",
            "id": "VDE-2017-005",
            "trust": 1.7
          },
          {
            "db": "SIEMENS",
            "id": "SSA-901333",
            "trust": 1.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-18-114-01",
            "trust": 1.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-19-029-01",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-353-02",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-01",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-325-01",
            "trust": 1.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380",
            "trust": 0.8
          },
          {
            "db": "JUNIPER",
            "id": "JSA10827",
            "trust": 0.8
          },
          {
            "db": "DLINK",
            "id": "SAP10075",
            "trust": 0.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02A",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU94846424",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU90609033",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008412",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.4125",
            "trust": 0.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-299-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "69402209-7265-4991-8217-51FF9B4857BE",
            "trust": 0.2
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13077",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144652",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145394",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145395",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "148445",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144630",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144632",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144944",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144659",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144663",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "69402209-7265-4991-8217-51ff9b4857be"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13077"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008412"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "db": "PACKETSTORM",
            "id": "145395"
          },
          {
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "db": "PACKETSTORM",
            "id": "144659"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13077"
          }
        ]
      },
      "id": "VAR-201710-0206",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "69402209-7265-4991-8217-51ff9b4857be"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406"
          }
        ],
        "trust": 1.4301902008333334
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "69402209-7265-4991-8217-51ff9b4857be"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406"
          }
        ]
      },
      "last_update_date": "2024-07-23T19:26:04.525000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "ARUBA-PSA-2017-007",
            "trust": 0.8,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
          },
          {
            "title": "DSA-3999",
            "trust": 0.8,
            "url": "https://www.debian.org/security/2017/dsa-3999"
          },
          {
            "title": "FreeBSD-SA-17:07.wpa",
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "title": "LEN-17420",
            "trust": 0.8,
            "url": "https://support.lenovo.com/jp/en/product_security/len-17420"
          },
          {
            "title": "NV17-024",
            "trust": 0.8,
            "url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
          },
          {
            "title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
            "trust": 0.8,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "title": "RHSA-2017:2907",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/rhsa-2017:2907"
          },
          {
            "title": "RHSA-2017:2911",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/rhsa-2017:2911"
          },
          {
            "title": "USN-3455-1",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/usn-3455-1/"
          },
          {
            "title": "WPA packet number reuse with replayed messages and key reinstallation",
            "trust": 0.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
          },
          {
            "title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.iodata.jp/support/information/2017/wpa2/"
          },
          {
            "title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/info/20171110/"
          },
          {
            "title": "Patch for WPA2 Wireless Network PTK-TK Encryption Key Reload Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/103818"
          },
          {
            "title": "Multiple WiFi product WPA2 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75494"
          },
          {
            "title": "Red Hat: Important: wpa_supplicant security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172911 - security advisory"
          },
          {
            "title": "Red Hat: Important: wpa_supplicant security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172907 - security advisory"
          },
          {
            "title": "Red Hat: CVE-2017-13077",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-13077"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2017-13077"
          },
          {
            "title": "Apple: Wi-Fi Update for Boot Camp 6.4.0",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=4dc3bb86865485e4364fd6b2dc2fc379"
          },
          {
            "title": "Apple: AirPort Base Station Firmware Update 7.7.9",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7ca8130f8030911575aa17c0e84114dd"
          },
          {
            "title": "Apple: watchOS 4.1",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=345c3fa8a313cd9a1ced5ef372c465c4"
          },
          {
            "title": "Apple: AirPort Base Station Firmware Update 7.6.9",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=43d8dcf7961e20b6ec02761d12969c19"
          },
          {
            "title": "Debian CVElist Bug Report Logs: firmware-brcm80211: BroadPwn vulnerability CVE-2017-9417",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=2e0affd9108e95fa2aa2c706c74cd8a9"
          },
          {
            "title": "Ubuntu Security Notice: wpa vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3455-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
          },
          {
            "title": "Apple: tvOS 11.1",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7a8e908aff7c02a31b2d335766e6d5c2"
          },
          {
            "title": "Apple: iOS 11.1",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7814c280e80969d4c4d88f74b13290f2"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-23"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-22"
          },
          {
            "title": "HP: HPSBPI03574 rev. 1 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbpi03574"
          },
          {
            "title": "Siemens Security Advisories: Siemens Security Advisory",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014May 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=170d2de05a0349ffa4f579ee79da1e9d"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
          },
          {
            "title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014July 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=25584b3d319ca9e7cb2fae9ec5dbf5e0"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014August 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=746dc14fcd3f5e139648cfdc9d9039a9"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014June 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=cc496c56e2bf669809bfb568f59af8e1"
          },
          {
            "title": "HP: HPSBHF03571 rev. 6  -  Intel Management Engine Cumulative Security update and fix for WPA2 vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbhf03571"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
          },
          {
            "title": "Apple: macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=870f3f04ef17f7b183f74ae687a1561d"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=068d787c35ce8cea494780f9a47b5827"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
          },
          {
            "title": "vanhoefm-krackattacks-scripts",
            "trust": 0.1,
            "url": "https://github.com/84kaliplexon3/vanhoefm-krackattacks-scripts "
          },
          {
            "title": "krankattack",
            "trust": 0.1,
            "url": "https://github.com/devkosov/krankattack "
          },
          {
            "title": "krackattacks-scripts",
            "trust": 0.1,
            "url": "https://github.com/vanhoefm/krackattacks-scripts "
          },
          {
            "title": "KRACK",
            "trust": 0.1,
            "url": "https://github.com/chinatso/krack "
          },
          {
            "title": "krackinfo",
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo "
          },
          {
            "title": "nixos-issue-db-example",
            "trust": 0.1,
            "url": "https://github.com/andir/nixos-issue-db-example "
          },
          {
            "title": "SamsungReleaseNotes",
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/samsungreleasenotes "
          },
          {
            "title": "welivesecurity",
            "trust": 0.1,
            "url": "https://www.welivesecurity.com/2019/10/17/alexa-how-amazon-echo-kindle-got-kracked/"
          },
          {
            "title": "BleepingComputer",
            "trust": 0.1,
            "url": "https://www.bleepingcomputer.com/news/security/millions-of-amazon-echo-and-kindle-devices-affected-by-wifi-bug/"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13077"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008412"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-330",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-254",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008412"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13077"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.7,
            "url": "https://www.krackattacks.com/"
          },
          {
            "trust": 3.3,
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "trust": 2.9,
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "trust": 2.8,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
          },
          {
            "trust": 2.8,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
          },
          {
            "trust": 2.7,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "trust": 2.5,
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "trust": 2.2,
            "url": "https://access.redhat.com/errata/rhsa-2017:2911"
          },
          {
            "trust": 2.1,
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "trust": 2.1,
            "url": "https://access.redhat.com/errata/rhsa-2017:2907"
          },
          {
            "trust": 2.0,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "trust": 1.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "trust": 1.8,
            "url": "http://www.ubuntu.com/usn/usn-3455-1"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039585"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "trust": 1.7,
            "url": "https://support.lenovo.com/us/en/product_security/len-17420"
          },
          {
            "trust": 1.7,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 1.7,
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208222"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208221"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208220"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208219"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "trust": 1.7,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "trust": 1.7,
            "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03792en_us"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "trust": 1.7,
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "trust": 1.7,
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
          },
          {
            "trust": 1.7,
            "url": "https://source.android.com/security/bulletin/2018-06-01"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1041432"
          },
          {
            "trust": 1.7,
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
          },
          {
            "trust": 1.7,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
          },
          {
            "trust": 1.2,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
          },
          {
            "trust": 1.1,
            "url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
          },
          {
            "trust": 1.1,
            "url": "https://w1.fi/security/2017-1/"
          },
          {
            "trust": 1.1,
            "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
          },
          {
            "trust": 1.1,
            "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
          },
          {
            "trust": 0.9,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
          },
          {
            "trust": 0.8,
            "url": "https://cwe.mitre.org/data/definitions/323.html"
          },
          {
            "trust": 0.8,
            "url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
          },
          {
            "trust": 0.8,
            "url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.al-enterprise.com/en/support/security-alert-krack"
          },
          {
            "trust": 0.8,
            "url": "https://support.apple.com/en-gb/ht208222"
          },
          {
            "trust": 0.8,
            "url": "https://security.archlinux.org/avg-447"
          },
          {
            "trust": 0.8,
            "url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
          },
          {
            "trust": 0.8,
            "url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
          },
          {
            "trust": 0.8,
            "url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
          },
          {
            "trust": 0.8,
            "url": "https://community.cypress.com/docs/doc-13871"
          },
          {
            "trust": 0.8,
            "url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
          },
          {
            "trust": 0.8,
            "url": "http://www.dell.com/support/article/sln307822"
          },
          {
            "trust": 0.8,
            "url": "https://github.com/espressif/esp8266_nonos_sdk"
          },
          {
            "trust": 0.8,
            "url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
          },
          {
            "trust": 0.8,
            "url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
          },
          {
            "trust": 0.8,
            "url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
          },
          {
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 0.8,
            "url": "https://bugs.gentoo.org/634440"
          },
          {
            "trust": 0.8,
            "url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
          },
          {
            "trust": 0.8,
            "url": "https://kb.juniper.net/jsa10827"
          },
          {
            "trust": 0.8,
            "url": "https://support.lenovo.com/ca/en/product_security/len-17420"
          },
          {
            "trust": 0.8,
            "url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
          },
          {
            "trust": 0.8,
            "url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
          },
          {
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
          },
          {
            "trust": 0.8,
            "url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
          },
          {
            "trust": 0.8,
            "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
          },
          {
            "trust": 0.8,
            "url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
          },
          {
            "trust": 0.8,
            "url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
          },
          {
            "trust": 0.8,
            "url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
          },
          {
            "trust": 0.8,
            "url": "https://community.sophos.com/kb/en-us/127658"
          },
          {
            "trust": 0.8,
            "url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
          },
          {
            "trust": 0.8,
            "url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
          },
          {
            "trust": 0.8,
            "url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
          },
          {
            "trust": 0.8,
            "url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
          },
          {
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/usn-3455-1/"
          },
          {
            "trust": 0.8,
            "url": "http://en.miui.com/thread-954223-1-1.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
          },
          {
            "trust": 0.8,
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
          },
          {
            "trust": 0.8,
            "url": "https://community.rsa.com/docs/doc-84103"
          },
          {
            "trust": 0.8,
            "url": "https://support.f5.com/csp/article/k23642330"
          },
          {
            "trust": 0.8,
            "url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
          },
          {
            "trust": 0.8,
            "url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
          },
          {
            "trust": 0.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
          },
          {
            "trust": 0.8,
            "url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/vu/jvnvu94846424/"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu90609033/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
          },
          {
            "trust": 0.6,
            "url": "https://www.kb.cert.org/vuls/id/228519/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2017-13077"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2017-13078"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2017-13080"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2017-13087"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13082"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13086"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13088"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
          },
          {
            "trust": 0.3,
            "url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
          },
          {
            "trust": 0.3,
            "url": "http://www.wi-fi.org/index.php"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-ie/ht208847"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208334"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208327"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208325"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13079"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13081"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13084"
          },
          {
            "trust": 0.3,
            "url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.2,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.2,
            "url": "https://support.apple.com/downloads/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/330.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-9417"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/kb/ht201222"
          },
          {
            "trust": 0.1,
            "url": "https://www.apple.com/support/security/pgp/"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/kb/ht208038"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13078"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13077"
          },
          {
            "trust": 0.1,
            "url": "https://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/gpg-key"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://osuosl.org)"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13077"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008412"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "db": "PACKETSTORM",
            "id": "145395"
          },
          {
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "db": "PACKETSTORM",
            "id": "144659"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13077"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "69402209-7265-4991-8217-51ff9b4857be"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13077"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008412"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "db": "PACKETSTORM",
            "id": "145395"
          },
          {
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "db": "PACKETSTORM",
            "id": "144659"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13077"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-17T00:00:00",
            "db": "IVD",
            "id": "69402209-7265-4991-8217-51ff9b4857be"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30406"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13077"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2017-10-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008412"
          },
          {
            "date": "2017-10-17T16:52:00",
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "date": "2017-12-13T03:33:33",
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "date": "2017-12-13T04:44:44",
            "db": "PACKETSTORM",
            "id": "145395"
          },
          {
            "date": "2018-07-05T23:02:22",
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "date": "2017-10-16T13:49:34",
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "date": "2017-10-16T23:23:00",
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "date": "2017-11-10T19:19:00",
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "date": "2017-10-18T20:20:00",
            "db": "PACKETSTORM",
            "id": "144659"
          },
          {
            "date": "2017-10-18T20:44:00",
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-380"
          },
          {
            "date": "2017-10-17T02:29:00.207000",
            "db": "NVD",
            "id": "CVE-2017-13077"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30406"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13077"
          },
          {
            "date": "2019-02-21T09:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2019-02-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008412"
          },
          {
            "date": "2020-11-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-380"
          },
          {
            "date": "2019-10-03T00:03:26.223000",
            "db": "NVD",
            "id": "CVE-2017-13077"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "security feature problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380"
          }
        ],
        "trust": 0.6
      }
    }