fkie_cve-2021-1385
Vulnerability from fkie_nvd
Published
2021-03-24 20:15
Modified
2024-11-21 05:44
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Summary
A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to conduct directory traversal attacks and read and write files on the underlying operating system or host system. This vulnerability occurs because the device does not properly validate URIs in IOx API requests. An attacker could exploit this vulnerability by sending a crafted API request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system.
References
psirt@cisco.comhttps://github.com/orangecertcc/security-research/security/advisories/GHSA-hhfw-6cm2-v3w5Exploit, Third Party Advisory
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-pt-hWGcPf7gVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/orangecertcc/security-research/security/advisories/GHSA-hhfw-6cm2-v3w5Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-pt-hWGcPf7gVendor Advisory
Impacted products
Vendor Product Version
cisco ios 15.8\(3\)m2a
cisco ios 15.8\(3\)m3
cisco ios 15.8\(3\)m4
cisco ios 15.8\(3\)m5
cisco ios 15.8\(3\)m6
cisco ios 15.9\(3\)m
cisco ios 15.9\(3\)m1
cisco ios 15.9\(3\)m2
cisco ios 15.9\(3\)m2a
cisco ios 15.9\(3\)m3
cisco ios_xe 16.11.1
cisco ios_xe 16.11.1a
cisco ios_xe 16.11.1b
cisco ios_xe 16.11.1c
cisco ios_xe 16.11.1s
cisco ios_xe 16.11.2
cisco ios_xe 16.12.1
cisco ios_xe 16.12.1a
cisco ios_xe 16.12.1c
cisco ios_xe 16.12.1s
cisco ios_xe 16.12.1t
cisco ios_xe 16.12.1w
cisco ios_xe 16.12.1x
cisco ios_xe 16.12.1y
cisco ios_xe 16.12.1z
cisco ios_xe 16.12.1z1
cisco ios_xe 16.12.1za
cisco ios_xe 16.12.2
cisco ios_xe 16.12.2a
cisco ios_xe 16.12.2s
cisco ios_xe 16.12.2t
cisco ios_xe 16.12.3
cisco ios_xe 16.12.3a
cisco ios_xe 16.12.3s
cisco ios_xe 16.12.4
cisco ios_xe 16.12.4a
cisco ios_xe 16.12.5
cisco ios_xe 17.1.1
cisco ios_xe 17.1.1a
cisco ios_xe 17.1.1s
cisco ios_xe 17.1.1t
cisco ios_xe 17.1.2
cisco ios_xe 17.1.3
cisco ios_xe 17.2.1
cisco ios_xe 17.2.1a
cisco ios_xe 17.2.1r
cisco ios_xe 17.2.1v
cisco ios_xe 17.2.2
cisco ios_xe 17.3.1
cisco ios_xe 17.3.1a
cisco ios_xe 17.3.1w
cisco ios_xe 17.3.1x
cisco ios_xe 17.3.2
cisco ios_xe 17.3.2a
cisco ios_xe 17.4.1
cisco ios_xe 17.4.1a
cisco ios_xe 17.4.1b


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios:15.8\\(3\\)m2a:*:*:*:*:*:*:*",
                     matchCriteriaId: "94E067E8-552B-4691-9F6A-C5E8766287BE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios:15.8\\(3\\)m3:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C4162EC-90DE-4194-8ABC-55CCB8C24FF6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios:15.8\\(3\\)m4:*:*:*:*:*:*:*",
                     matchCriteriaId: "6715A135-61A7-4E56-948D-8A8D5F7C98C7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios:15.8\\(3\\)m5:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C836C26-DBC1-42CB-9B73-9F248D4F2B6A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios:15.8\\(3\\)m6:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2CC4602-D1F5-4843-991A-2903C8336251",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios:15.9\\(3\\)m:*:*:*:*:*:*:*",
                     matchCriteriaId: "EEFE8A85-7F63-4E4C-A3FE-7B7E27AD1DF4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios:15.9\\(3\\)m1:*:*:*:*:*:*:*",
                     matchCriteriaId: "9BA0A0E0-A9D8-4FC3-88BD-FA0E7290A9A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios:15.9\\(3\\)m2:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A1AF57E-79E9-40F2-817A-5E7D2760F1E8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios:15.9\\(3\\)m2a:*:*:*:*:*:*:*",
                     matchCriteriaId: "BEF9CEA3-054B-4469-A10F-DFCB9057E5E4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios:15.9\\(3\\)m3:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8313597-49A9-4918-B8D5-8E53C5C9AFAB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.11.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "E91F8704-6DAD-474A-84EA-04E4AF7BB9B1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.11.1a:*:*:*:*:*:*:*",
                     matchCriteriaId: "314C7763-A64D-4023-9F3F-9A821AE4151F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.11.1b:*:*:*:*:*:*:*",
                     matchCriteriaId: "5820D71D-FC93-45AA-BC58-A26A1A39C936",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.11.1c:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC1C85DD-69CC-4AA8-B219-651D57FC3506",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.11.1s:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB26AE0F-85D8-4EAB-B9BD-457DD81FF0FE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.11.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B53E377A-0296-4D7A-B97C-576B0026543D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C98DED36-D4B5-48D6-964E-EEEE97936700",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.1a:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD98C9E8-3EA6-4160-970D-37C389576516",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.1c:*:*:*:*:*:*:*",
                     matchCriteriaId: "C8BEFEDA-B01A-480B-B03D-7ED5D08E4B67",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*",
                     matchCriteriaId: "9027A528-2588-4C06-810B-5BB313FE4323",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.1t:*:*:*:*:*:*:*",
                     matchCriteriaId: "7745ED34-D59D-49CC-B174-96BCA03B3374",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.1w:*:*:*:*:*:*:*",
                     matchCriteriaId: "19AF4CF3-6E79-4EA3-974D-CD451A192BA9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.1x:*:*:*:*:*:*:*",
                     matchCriteriaId: "313BD54C-073C-4F27-82D5-C99EFC3A20F7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.1y:*:*:*:*:*:*:*",
                     matchCriteriaId: "93B96E01-3777-4C33-9225-577B469A6CE5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.1z:*:*:*:*:*:*:*",
                     matchCriteriaId: "65FC3CC1-CF4F-4A2D-A500-04395AFE8B47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.1z1:*:*:*:*:*:*:*",
                     matchCriteriaId: "D18B32E3-6B33-4E3D-879A-82E2F0BFC906",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.1za:*:*:*:*:*:*:*",
                     matchCriteriaId: "027200FC-8AD4-47E4-A404-490AE4F997EC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5019B59-508E-40B0-9C92-2C26F58E2FBE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.2a:*:*:*:*:*:*:*",
                     matchCriteriaId: "443D78BA-A3DA-4D1F-A4DF-2F426DC6B841",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.2s:*:*:*:*:*:*:*",
                     matchCriteriaId: "1986DB1F-AD0A-42FE-8EC8-F18BA1AD4F99",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.2t:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C6FB4DC-814D-49D2-BBE2-3861AE985A1C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5750264-2990-4942-85F4-DB9746C5CA2B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.3a:*:*:*:*:*:*:*",
                     matchCriteriaId: "02352FD8-2A7B-41BD-9E4A-F312ABFDF3EF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.3s:*:*:*:*:*:*:*",
                     matchCriteriaId: "B9173AD6-6658-4267-AAA7-D50D0B657528",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F02EE9D-45B1-43D6-B05D-6FF19472216B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.4a:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C1DBBCD-4C5A-43BB-8FB0-6F1AF99ED0D2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "8FCB9440-F470-45D1-AAFA-01FB5D76B600",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "E306B09C-CB48-4067-B60C-5F738555EEAC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.1.1a:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD446C51-E713-4E46-8328-0A0477D140D2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.1.1s:*:*:*:*:*:*:*",
                     matchCriteriaId: "4FF0DD16-D76A-45EA-B01A-20C71AEFA3B4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.1.1t:*:*:*:*:*:*:*",
                     matchCriteriaId: "4BDD0CEC-4A19-438D-B2A1-8664A1D8F3C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "89369318-2E83-489F-B872-5F2E247BBF8F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "8B4D4659-A304-459F-8AB3-ED6D84B44C0F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B7EE7C7-D6C1-4C35-8C80-EAF3FC7E7EFA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*",
                     matchCriteriaId: "B51FA707-8DB1-4596-9122-D4BFEF17F400",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.2.1r:*:*:*:*:*:*:*",
                     matchCriteriaId: "C04DF35A-1B6F-420A-8D84-74EB41BF3700",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.2.1v:*:*:*:*:*:*:*",
                     matchCriteriaId: "211CC9B2-6108-4C50-AB31-DC527C43053E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "75CCB5F1-27F5-4FF9-8389-0A9ABCF7F070",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "128F95D7-E49F-4B36-8F47-823C0298449E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.3.1a:*:*:*:*:*:*:*",
                     matchCriteriaId: "E21B3881-37E9-4C00-9336-12C9C28D1B61",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.3.1w:*:*:*:*:*:*:*",
                     matchCriteriaId: "E54599DB-A85E-4EEA-9985-2CBF90E28A08",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.3.1x:*:*:*:*:*:*:*",
                     matchCriteriaId: "4046C325-7EDB-4C95-AA98-541BEC8F9E0F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B270A04-9961-4E99-806B-441CD674AFBD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.3.2a:*:*:*:*:*:*:*",
                     matchCriteriaId: "1360069D-0358-4746-8C3F-44C2A40988D7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A6B707B-4543-41F1-83DF-49A93BF56FB1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.4.1a:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC8F611B-D347-4A21-90E6-56CF4D8A35A3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.4.1b:*:*:*:*:*:*:*",
                     matchCriteriaId: "D9A92CE4-B4B0-4C14-AE11-8DFE511406F3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to conduct directory traversal attacks and read and write files on the underlying operating system or host system. This vulnerability occurs because the device does not properly validate URIs in IOx API requests. An attacker could exploit this vulnerability by sending a crafted API request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en el entorno de alojamiento de aplicaciones Cisco IOx de varias plataformas Cisco, podría permitir a un atacante remoto autenticado llevar a cabo ataques de salto de directorio y leer y escribir archivos en el sistema operativo o host subyacente. Esta vulnerabilidad ocurre porque el dispositivo no comprueba apropiadamente los URI en las peticiones de la API IOx. Un atacante podría explotar esta vulnerabilidad mediante el envío de una petición de API diseñada que contiene secuencias de caracteres de salto de directorio hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante leer o escribir archivos arbitrarios en el sistema operativo subyacente",
      },
   ],
   id: "CVE-2021-1385",
   lastModified: "2024-11-21T05:44:13.917",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "PARTIAL",
               baseScore: 6,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 6.8,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 1.2,
            impactScore: 5.2,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 1.2,
            impactScore: 5.2,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-03-24T20:15:13.837",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/orangecertcc/security-research/security/advisories/GHSA-hhfw-6cm2-v3w5",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-pt-hWGcPf7g",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/orangecertcc/security-research/security/advisories/GHSA-hhfw-6cm2-v3w5",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-pt-hWGcPf7g",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-22",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-22",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.