CVE-2025-6188 (GCVE-0-2025-6188)
Vulnerability from cvelistv5
Published
2025-08-25 20:14
Modified
2025-08-27 14:53
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CWE
  • 288
Summary
On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do not perform some form of authentication.
References
psirt@arista.comhttps://www.arista.com/en/support/advisories-notices/security-advisory/22021-security-advisory-0121
Impacted products
Vendor Product Version
Arista Networks EOS Version: 4.33.0   <
Version: 4.33.1.0   <
Version: 4.32.4.0   <
Version: 4.31.0   <
Version: 4.30.0   <
Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6188",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-26T19:56:57.303610Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-290",
                "description": "CWE-290 Authentication Bypass by Spoofing",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-27T14:53:30.181Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "EOS"
          ],
          "product": "EOS",
          "vendor": "Arista Networks",
          "versions": [
            {
              "lessThanOrEqual": "4.33.1F",
              "status": "affected",
              "version": "4.33.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.33.1.2F",
              "status": "affected",
              "version": "4.33.1.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.32.4.1M",
              "status": "affected",
              "version": "4.32.4.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.31.6M",
              "status": "affected",
              "version": "4.31.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.30.9.1M",
              "status": "affected",
              "version": "4.30.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eEOS devices are vulnerable to CVE-2025-6188 by default, and no specific configuration is necessary.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "EOS devices are vulnerable to CVE-2025-6188 by default, and no specific configuration is necessary."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "This issue was discovered externally and responsibly reported to Arista by Chris Laffin of automattic.com."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eOn affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do not perform some form of authentication.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do not perform some form of authentication."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-486",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-486 UDP Flood"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "288",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-25T20:14:23.427Z",
        "orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
        "shortName": "Arista"
      },
      "references": [
        {
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/22021-security-advisory-0121"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades\"\u003eEOS User Manual: Upgrades and Downgrades\u003c/a\u003e\u003c/p\u003e\u003cdiv\u003eCVE-2025-6188 has been fixed in the following releases:\u003c/div\u003e\u003cul\u003e\u003cli\u003e4.34.0 and later releases in the 4.34.x train\u003c/li\u003e\u003cli\u003e4.33.2 and later releases in the 4.33.x train\u003c/li\u003e\u003cli\u003e4.32.5 and later releases in the 4.32.x train\u003c/li\u003e\u003cli\u003e4.31.7 and later releases in the 4.31.x train\u003c/li\u003e\u003cli\u003e4.30.10 and later releases in the 4.30.x train\u003c/li\u003e\u003c/ul\u003e"
            }
          ],
          "value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see  EOS User Manual: Upgrades and Downgrades https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades \n\nCVE-2025-6188 has been fixed in the following releases:\n\n  *  4.34.0 and later releases in the 4.34.x train\n  *  4.33.2 and later releases in the 4.33.x train\n  *  4.32.5 and later releases in the 4.32.x train\n  *  4.31.7 and later releases in the 4.31.x train\n  *  4.30.10 and later releases in the 4.30.x train"
        }
      ],
      "source": {
        "advisory": "121",
        "defect": [
          "BUG 1008073"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do n",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eFor EOS versions more recent than 4.28.1, if MPLS is not being used on the EOS device, a custom control plane ACL can be applied to remove the rules that allow traffic with source port 3503.\u003c/p\u003e\u003cpre\u003eSwitch(config)#system control-plane\nSwitch(config-cp)#ip access-group my-custom-acl \n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eFor EOS versions more recent than 4.22.0, an \u2018mpls ping\u2019 service ACL can be applied to restrict traffic coming with source/destination port 3503. This service ACL is applicable on the traffic coming in with source/destination port 3503. MPLS configuration is not required to apply the ACL.\u003c/p\u003e\u003cp\u003eTake the following example, where the user applies service ACL \u2018Foo\u2019 that allows traffic from 10.0.0.0/8 with source port 3503 and denies everything else.\u003c/p\u003e\u003cpre\u003eSwitch(config)#ip access-list Foo\nSwitch(config-acl-foo)#permit udp 10.0.0.0/8 eq lsp-ping any\nSwitch(config-acl-foo)#deny udp any eq lsp-ping any\n \nSwitch(config)#mpls ping\nSwitch(config-mpls-ping)#ip access-group foo in\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eIf MPLS is not being used, it is fine to only have the deny rule in the ACL. For EOS versions older than 4.22.0 no mitigation exists.\u003c/p\u003e"
            }
          ],
          "value": "For EOS versions more recent than 4.28.1, if MPLS is not being used on the EOS device, a custom control plane ACL can be applied to remove the rules that allow traffic with source port 3503.\n\nSwitch(config)#system control-plane\nSwitch(config-cp)#ip access-group my-custom-acl \n\n\n\u00a0\n\nFor EOS versions more recent than 4.22.0, an \u2018mpls ping\u2019 service ACL can be applied to restrict traffic coming with source/destination port 3503. This service ACL is applicable on the traffic coming in with source/destination port 3503. MPLS configuration is not required to apply the ACL.\n\nTake the following example, where the user applies service ACL \u2018Foo\u2019 that allows traffic from 10.0.0.0/8 with source port 3503 and denies everything else.\n\nSwitch(config)#ip access-list Foo\nSwitch(config-acl-foo)#permit udp 10.0.0.0/8 eq lsp-ping any\nSwitch(config-acl-foo)#deny udp any eq lsp-ping any\n \nSwitch(config)#mpls ping\nSwitch(config-mpls-ping)#ip access-group foo in\n\n\n\u00a0\n\nIf MPLS is not being used, it is fine to only have the deny rule in the ACL. For EOS versions older than 4.22.0 no mitigation exists."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
    "assignerShortName": "Arista",
    "cveId": "CVE-2025-6188",
    "datePublished": "2025-08-25T20:14:23.427Z",
    "dateReserved": "2025-06-16T20:34:33.402Z",
    "dateUpdated": "2025-08-27T14:53:30.181Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-6188\",\"sourceIdentifier\":\"psirt@arista.com\",\"published\":\"2025-08-25T21:15:38.500\",\"lastModified\":\"2025-08-27T15:15:40.633\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do not perform some form of authentication.\"},{\"lang\":\"es\",\"value\":\"En las plataformas afectadas que ejecutan Arista EOS, EOS podr\u00eda aceptar paquetes UDP maliciosos con el puerto de origen 3503. El puerto UDP 3503 est\u00e1 asociado con la respuesta de eco de LspPing. Esto puede provocar comportamientos inesperados, especialmente en servicios basados en UDP que no realizan ning\u00fan tipo de autenticaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@arista.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-290\"}]}],\"references\":[{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisory/22021-security-advisory-0121\",\"source\":\"psirt@arista.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-6188\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-26T19:56:57.303610Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-290\", \"description\": \"CWE-290 Authentication Bypass by Spoofing\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-26T19:57:03.146Z\"}}], \"cna\": {\"title\": \"On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do n\", \"source\": {\"defect\": [\"BUG 1008073\"], \"advisory\": \"121\", \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"This issue was discovered externally and responsibly reported to Arista by Chris Laffin of automattic.com.\"}], \"impacts\": [{\"capecId\": \"CAPEC-486\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-486 UDP Flood\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Arista Networks\", \"product\": \"EOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.33.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"4.33.1F\"}, {\"status\": \"affected\", \"version\": \"4.33.1.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"4.33.1.2F\"}, {\"status\": \"affected\", \"version\": \"4.32.4.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"4.32.4.1M\"}, {\"status\": \"affected\", \"version\": \"4.31.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"4.31.6M\"}, {\"status\": \"affected\", \"version\": \"4.30.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"4.30.9.1M\"}], \"platforms\": [\"EOS\"], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see  EOS User Manual: Upgrades and Downgrades https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades \\n\\nCVE-2025-6188 has been fixed in the following releases:\\n\\n  *  4.34.0 and later releases in the 4.34.x train\\n  *  4.33.2 and later releases in the 4.33.x train\\n  *  4.32.5 and later releases in the 4.32.x train\\n  *  4.31.7 and later releases in the 4.31.x train\\n  *  4.30.10 and later releases in the 4.30.x train\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eThe recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades\\\"\u003eEOS User Manual: Upgrades and Downgrades\u003c/a\u003e\u003c/p\u003e\u003cdiv\u003eCVE-2025-6188 has been fixed in the following releases:\u003c/div\u003e\u003cul\u003e\u003cli\u003e4.34.0 and later releases in the 4.34.x train\u003c/li\u003e\u003cli\u003e4.33.2 and later releases in the 4.33.x train\u003c/li\u003e\u003cli\u003e4.32.5 and later releases in the 4.32.x train\u003c/li\u003e\u003cli\u003e4.31.7 and later releases in the 4.31.x train\u003c/li\u003e\u003cli\u003e4.30.10 and later releases in the 4.30.x train\u003c/li\u003e\u003c/ul\u003e\", \"base64\": false}]}], \"references\": [{\"url\": \"https://www.arista.com/en/support/advisories-notices/security-advisory/22021-security-advisory-0121\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"For EOS versions more recent than 4.28.1, if MPLS is not being used on the EOS device, a custom control plane ACL can be applied to remove the rules that allow traffic with source port 3503.\\n\\nSwitch(config)#system control-plane\\nSwitch(config-cp)#ip access-group my-custom-acl \\n\\n\\n\\u00a0\\n\\nFor EOS versions more recent than 4.22.0, an \\u2018mpls ping\\u2019 service ACL can be applied to restrict traffic coming with source/destination port 3503. This service ACL is applicable on the traffic coming in with source/destination port 3503. MPLS configuration is not required to apply the ACL.\\n\\nTake the following example, where the user applies service ACL \\u2018Foo\\u2019 that allows traffic from 10.0.0.0/8 with source port 3503 and denies everything else.\\n\\nSwitch(config)#ip access-list Foo\\nSwitch(config-acl-foo)#permit udp 10.0.0.0/8 eq lsp-ping any\\nSwitch(config-acl-foo)#deny udp any eq lsp-ping any\\n \\nSwitch(config)#mpls ping\\nSwitch(config-mpls-ping)#ip access-group foo in\\n\\n\\n\\u00a0\\n\\nIf MPLS is not being used, it is fine to only have the deny rule in the ACL. For EOS versions older than 4.22.0 no mitigation exists.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eFor EOS versions more recent than 4.28.1, if MPLS is not being used on the EOS device, a custom control plane ACL can be applied to remove the rules that allow traffic with source port 3503.\u003c/p\u003e\u003cpre\u003eSwitch(config)#system control-plane\\nSwitch(config-cp)#ip access-group my-custom-acl \\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eFor EOS versions more recent than 4.22.0, an \\u2018mpls ping\\u2019 service ACL can be applied to restrict traffic coming with source/destination port 3503. This service ACL is applicable on the traffic coming in with source/destination port 3503. MPLS configuration is not required to apply the ACL.\u003c/p\u003e\u003cp\u003eTake the following example, where the user applies service ACL \\u2018Foo\\u2019 that allows traffic from 10.0.0.0/8 with source port 3503 and denies everything else.\u003c/p\u003e\u003cpre\u003eSwitch(config)#ip access-list Foo\\nSwitch(config-acl-foo)#permit udp 10.0.0.0/8 eq lsp-ping any\\nSwitch(config-acl-foo)#deny udp any eq lsp-ping any\\n \\nSwitch(config)#mpls ping\\nSwitch(config-mpls-ping)#ip access-group foo in\\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eIf MPLS is not being used, it is fine to only have the deny rule in the ACL. For EOS versions older than 4.22.0 no mitigation exists.\u003c/p\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do not perform some form of authentication.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eOn affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do not perform some form of authentication.\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"288\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"EOS devices are vulnerable to CVE-2025-6188 by default, and no specific configuration is necessary.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eEOS devices are vulnerable to CVE-2025-6188 by default, and no specific configuration is necessary.\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7\", \"shortName\": \"Arista\", \"dateUpdated\": \"2025-08-25T20:14:23.427Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-6188\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-08-27T14:53:30.181Z\", \"dateReserved\": \"2025-06-16T20:34:33.402Z\", \"assignerOrgId\": \"c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7\", \"datePublished\": \"2025-08-25T20:14:23.427Z\", \"assignerShortName\": \"Arista\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.