var-200212-0032
Vulnerability from variot
Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections. There is a vulnerability in several state-based firewall products that allows arbitrary remote attackers to conduct denial of service attacks against vulnerable firewalls. By sending a large number of packets to a firewall from one of these vendors, an attacker can exploit the way the state table is specified and cause the firewall to stop accepting new sessions. The firewall may suffer a service disruption (DoS).

It has been reported that many firewalls do not properly handle certain types of input. Firewall systems that maintain state could be attacked and forced into a situation where all service is denied. This condition would occur as a result of certain types of traffic floods.

A comprehensive listing of affected products is not available at this time.

A variety of firewall products use the state table to judge whether a received packet belongs to an existing session between two hosts. The firewall removes entries from the state table for different reasons, including session timeout expiration, detection of TCP FIN or TCP RST packets, and so on. If new state entries are added faster than the firewall can delete entries, a remote attacker can exploit this to fill up all state table buffers. The firewall then refuses packets that would need new session state, and new connections cannot be established, resulting in a denial of service.

Attackers can use the following methods:

TCP SYN flood: To establish a TCP connection, the client and server must complete a three-way handshake. The client sends a SYN message to the server, and the server responds by sending a SYN-ACK message to the client. The client completes the establishment of the connection by replying with an ACK message, and data transmission then begins. In a SYN flood attack, an attacker sends SYN packets with forged source IP addresses, making the traffic appear to come from multiple clients. Because the client address is forged, the SYN-ACK message sent to the client is discarded, and a large number of such exchanges can fill the firewall's state table with forged entries, resulting in a denial of service.

UDP flood: In a UDP flood attack, the attacker sends a large number of small UDP packets with forged source IP addresses. Because UDP is connectionless, there is no session state indication (SYN, SYN-ACK, ACK, FIN, or RST) to help the firewall detect abnormal protocol states. As a result, state-based firewalls must rely on source and destination addresses to create state table entries and set session timeout values.

The CRC check is calculated at each network layer and is used to determine whether data has been corrupted during transmission. A C2 Flood consists of packets containing an illegal transport-layer (TCP, UDP) checksum. Since the transport-layer checksum is not used in the firewall's own operation, many implementations choose to optimize performance by ignoring these checksums, so if C2..
Record details
- ID: VAR-200212-0032 (https://www.variotdbs.pl/vuln/VAR-200212-0032)
- CVE: CVE-2002-2150
- Title: State-based firewalls fail to effectively manage session table resource exhaustion (source: CERT/CC VU#539363; trust 0.8)
- Type: Design Error (sources: BID 6023, CNNVD CNNVD-200212-425; trust 0.9)
- Threat type: remote (source: CNNVD CNNVD-200212-425; trust 0.6)
- Problem type: NVD-CWE-Other (source: NVD CVE-2002-2150; trust 1.0)
- Credits: Stephen Gill (source: CNNVD CNNVD-200212-425; trust 0.6)
- IoT: true (source: VULHUB VHN-6533; trust 0.01)
- Description sources: NVD CVE-2002-2150, CERT/CC VU#539363, JVNDB JVNDB-2002-000250, BID 6023, VULHUB VHN-6533 (trust 2.7)
- Last update: 2024-11-22T23:05:55.795000Z

Affected products
Vendor | Model | Version | Scope | Trust |
---|---|---|---|---|
juniper | netscreen screenos | 2.7.1r3 | eq | 1.6 |
juniper | netscreen screenos | 3.0.1r1 | eq | 1.6 |
juniper | netscreen screenos | 3.0.1r2 | eq | 1.6 |
juniper | netscreen screenos | 2.7.1r1 | eq | 1.6 |
juniper | netscreen screenos | 2.7.1r2 | eq | 1.6 |
juniper | netscreen screenos | 2.10_r4 | eq | 1.6 |
juniper | netscreen screenos | 2.10_r3 | eq | 1.6 |
juniper | netscreen screenos | 2.7.1 | eq | 1.6 |
juniper | netscreen screenos | 3.0.3_r1.1 | eq | 1.6 |
alcatel | null | null | null | 0.8 |
check point | null | null | null | 0.8 |
cisco | null | null | null | 0.8 |
ibm | null | null | null | 0.8 |
netscreen | null | null | null | 0.8 |
cisco | pix firewall | 5.2 | eq | 0.8 |
cisco | pix firewall | 6.0 | eq | 0.8 |
cisco | pix firewall | 6.1 | eq | 0.8 |
cisco | pix firewall | 6.2 | eq | 0.8 |
check point | vpn-1/firewall-1 | 4.1 | eq | 0.8 |
check point | vpn-1/firewall-1 | ng | eq | 0.8 |
netscreen | screenos r1.1 | 3.0.3 | eq | 0.3 |
netscreen | screenos r2 | 3.0.1 | eq | 0.3 |
netscreen | screenos r1 | 3.0.1 | eq | 0.3 |
netscreen | screenos r4 | 2.10 | eq | 0.3 |
netscreen | screenos r3 | 2.10 | eq | 0.3 |
netscreen | screenos r3 | 2.7.1 | eq | 0.3 |
netscreen | screenos r2 | 2.7.1 | eq | 0.3 |
netscreen | screenos r1 | 2.7.1 | eq | 0.3 |
netscreen | screenos | 2.7.1 | eq | 0.3 |
alcatel lucent | omniaccess | 2500 | ne | 0.3 |
alcatel lucent | omniaccess | 2100 | ne | 0.3 |
Sources: CERT/CC VU#539363, BID 6023, JVNDB JVNDB-2002-000250, CNNVD CNNVD-200212-425, NVD CVE-2002-2150

Configurations
CVE data version 4.0; operator OR (source: JVNDB JVNDB-2002-000250)
CPE 2.2 URI | Vulnerable |
---|---|
cpe:/h:cisco:pix_firewall | true |
cpe:/a:checkpoint:vpn-1_firewall-1 | true |

CVSS v2
Both entries are CVSS version 2.0 with access vector NETWORK, access complexity LOW, authentication NONE, confidentiality impact NONE, integrity impact NONE, availability impact PARTIAL.
Author | ID | Base score | Severity | Vector string | Exploitability score | Impact score | Trust |
---|---|---|---|---|---|---|---|
nvd@nist.gov | CVE-2002-2150 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P | 10.0 | 2.9 | 1.8 |
VULHUB | VHN-6533 | 5.0 | MEDIUM | AV:N/AC:L/AU:N/C:N/I:N/A:P | 10.0 | 2.9 | 0.1 |

CVSS v3
No entries.

Severity
Author | ID | Value | Trust |
---|---|---|---|
nvd@nist.gov | CVE-2002-2150 | MEDIUM | 1.0 |
CARNEGIE MELLON | VU#539363 | 19.69 | 0.8 |
NVD | CVE-2002-2150 | Medium | 0.8 |
CNNVD | CNNVD-200212-425 | MEDIUM | 0.6 |
VULHUB | VHN-6533 | MEDIUM | 0.1 |
Sources: CERT/CC VU#539363, VULHUB VHN-6533, JVNDB JVNDB-2002-000250, CNNVD CNNVD-200212-425, NVD CVE-2002-2150

External IDs
DB | ID | Trust |
---|---|---|
CERT/CC | VU#539363 | 3.6 |
BID | 6023 | 2.8 |
NVD | CVE-2002-2150 | 2.5 |
JVNDB | JVNDB-2002-000250 | 0.8 |
CNNVD | CNNVD-200212-425 | 0.7 |
NSFOCUS | 3708 | 0.6 |
XF | 10449 | 0.6 |
VULHUB | VHN-6533 | 0.1 |
Sources: CERT/CC VU#539363, VULHUB VHN-6533, BID 6023, JVNDB JVNDB-2002-000250, CNNVD CNNVD-200212-425, NVD CVE-2002-2150

Patch
Title | URL | Trust |
---|---|---|
Top Page | http://www.cisco.com/jp/index.shtml | 0.8 |
Top Page | http://www.checkpoint.co.jp/ | 0.8 |
Source: JVNDB JVNDB-2002-000250

References
URL | Trust |
---|---|
http://www.kb.cert.org/vuls/id/539363 | 3.8 |
http://www.securityfocus.com/bid/6023 | 3.5 |
http://www.iss.net/security_center/static/10449.php | 2.7 |
http://www.qorbit.net/documents/maximizing-firewall-availability.pdf | 0.8 |
http://www.uwsg.iu.edu/usail/network/nfs/network_layers.html | 0.8 |
http://cr.yp.to/syncookies.html | 0.8 |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-2150 | 0.8 |
http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-2150 | 0.8 |
http://www.nsfocus.net/vulndb/3708 | 0.6 |
http://www.alcatel.com/ | 0.3 |
http://www.netscreen.com/index.html | 0.3 |
Sources: CERT/CC VU#539363, VULHUB VHN-6533, BID 6023, JVNDB JVNDB-2002-000250, CNNVD CNNVD-200212-425, NVD CVE-2002-2150

Sources
DB | ID | Release date | Update date |
---|---|---|---|
CERT/CC | VU#539363 | 2002-10-15T00:00:00 | 2003-01-06T00:00:00 |
VULHUB | VHN-6533 | 2002-12-31T00:00:00 | 2008-09-05T00:00:00 |
BID | 6023 | 2002-10-21T00:00:00 | 2002-10-21T00:00:00 |
JVNDB | JVNDB-2002-000250 | 2007-04-01T00:00:00 | 2007-04-01T00:00:00 |
CNNVD | CNNVD-200212-425 | 2002-10-21T00:00:00 | 2006-08-23T00:00:00 |
NVD | CVE-2002-2150 | 2002-12-31T05:00:00 | 2024-11-20T23:42:59.507000 |

Sightings
Author | Source | Type | Date |
---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.