var-201403-0312
Vulnerability from variot

The random-number generator on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 does not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic protection mechanisms and hijack sessions via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-331: Insufficient Entropy ( Lack of entropy ) Has been identified. http://cwe.mitre.org/data/definitions/331.htmlA third party could break the cryptographic protection mechanism and hijack the session. Siemens SIMATIC is an automation software in a single engineering environment. The random number generator used by Siemens SIMATIC S7-1500 uses low entropy. The WEB server used by the S7-1500 PLC verifies that there is a security vulnerability in the verification of the random number, allowing the attacker to exploit the vulnerability to hijack the WEB session. Siemens SIMATIC S7-1500 is prone to an insufficient-entropy vulnerability. Remote attackers can exploit this issue to perform man-in-the-middle attacks and gains unauthorized access to the affected devices. This aids in other attacks. Versions prior to Siemens SIMATIC S7-1500 1.5.0 are vulnerable

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201403-0312",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic s7-1500 cpu",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "1.0.1"
      },
      {
        "model": "simatic s7-1500 cpu",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "1.1.1"
      },
      {
        "model": "simatic s7-1500 cpu",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "1.1.0"
      },
      {
        "model": "simatic s7-1500 cpu",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1.2"
      },
      {
        "model": "simatic s7-1500 cpu",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "1.5.0"
      },
      {
        "model": "simatic s7-1500",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1.x"
      },
      {
        "model": "simatic s7-1500 cpu",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1.1.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500 cpu",
        "version": "1.0.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500 cpu",
        "version": "1.1.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500 cpu",
        "version": "1.1.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500 cpu",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "25b452d0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-01720"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001710"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201403-327"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2251"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_cpu_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001710"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Dmitry Serebryannikov, Ilya Karpov, Alexey Osipov, Yury Goltsev, Alex Timorin, Alexey Osipov, and Ilya Karpov from Positive Technologies",
    "sources": [
      {
        "db": "BID",
        "id": "66195"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2014-2251",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2014-2251",
            "impactScore": 8.5,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2014-01720",
            "impactScore": 8.5,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "25b452d0-2352-11e6-abef-000c29c66e3d",
            "impactScore": 8.5,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-70190",
            "impactScore": 8.5,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-2251",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-2251",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-01720",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201403-327",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "25b452d0-2352-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-70190",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "25b452d0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-01720"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001710"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201403-327"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2251"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The random-number generator on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 does not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic protection mechanisms and hijack sessions via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-331: Insufficient Entropy ( Lack of entropy ) Has been identified. http://cwe.mitre.org/data/definitions/331.htmlA third party could break the cryptographic protection mechanism and hijack the session. Siemens SIMATIC is an automation software in a single engineering environment. The random number generator used by Siemens SIMATIC S7-1500 uses low entropy. The WEB server used by the S7-1500 PLC verifies that there is a security vulnerability in the verification of the random number, allowing the attacker to exploit the vulnerability to hijack the WEB session. Siemens SIMATIC S7-1500 is prone to an insufficient-entropy vulnerability. \nRemote attackers can exploit this issue to perform man-in-the-middle attacks and gains unauthorized access to the affected devices. This aids in other attacks. \nVersions prior to Siemens SIMATIC S7-1500 1.5.0 are vulnerable",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-2251"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001710"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-01720"
      },
      {
        "db": "BID",
        "id": "66195"
      },
      {
        "db": "IVD",
        "id": "25b452d0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70190"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-2251",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-073-01",
        "trust": 2.5
      },
      {
        "db": "SIEMENS",
        "id": "SSA-456423",
        "trust": 2.3
      },
      {
        "db": "BID",
        "id": "66195",
        "trust": 1.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201403-327",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-01720",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001710",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "25B452D0-2352-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-70190",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "25b452d0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-01720"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70190"
      },
      {
        "db": "BID",
        "id": "66195"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001710"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201403-327"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2251"
      }
    ]
  },
  "id": "VAR-201403-0312",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "25b452d0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-01720"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70190"
      }
    ],
    "trust": 1.48274233
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "25b452d0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-01720"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:45:19.445000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-456423",
        "trust": 0.8,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-456423.pdf"
      },
      {
        "title": "Siemens SIMATIC S7-1500 patch with insufficient entropy vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/44302"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-01720"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001710"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-Other",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001710"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2251"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-073-01"
      },
      {
        "trust": 2.3,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-456423.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-456423.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2251"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2251"
      },
      {
        "trust": 0.3,
        "url": "http://subscriber.communications.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-01720"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70190"
      },
      {
        "db": "BID",
        "id": "66195"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001710"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201403-327"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2251"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "25b452d0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-01720"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70190"
      },
      {
        "db": "BID",
        "id": "66195"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001710"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201403-327"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2251"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-03-17T00:00:00",
        "db": "IVD",
        "id": "25b452d0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2014-03-17T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-01720"
      },
      {
        "date": "2014-03-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-70190"
      },
      {
        "date": "2014-03-12T00:00:00",
        "db": "BID",
        "id": "66195"
      },
      {
        "date": "2014-03-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001710"
      },
      {
        "date": "2014-03-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201403-327"
      },
      {
        "date": "2014-03-16T14:06:45.867000",
        "db": "NVD",
        "id": "CVE-2014-2251"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-03-17T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-01720"
      },
      {
        "date": "2020-02-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-70190"
      },
      {
        "date": "2014-03-19T01:13:00",
        "db": "BID",
        "id": "66195"
      },
      {
        "date": "2014-03-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001710"
      },
      {
        "date": "2020-02-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201403-327"
      },
      {
        "date": "2024-11-21T02:05:56.067000",
        "db": "NVD",
        "id": "CVE-2014-2251"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201403-327"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC S7-1500 CPU PLC Vulnerability that breaks cryptographic protection mechanism in random number generation of devices",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001710"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "IVD",
        "id": "25b452d0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201403-327"
      }
    ],
    "trust": 0.8
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.