var-201412-0271
Vulnerability from variot
The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself. The problem is CVE-2014-3566 ( alias POODLE) Similar problem. TLS is a new protocol developed by the IETF (Engineering Task Force). It is based on the SSL protocol specification and is the subsequent version of SSL. The Secure Transport Layer Protocol (TLS) is used to provide confidentiality and data integrity between two communication applications.
TLS has security vulnerabilities that mainly affect browsers. Because TLS1.2 failed to correctly verify PADDING, even if the attacker did not first downgrade to SSL3.0, he could use TLS1.2 to bypass the transport layer encryption mechanism by using man-in-the-middle attack methods to steal the user's sensitive information, such as cookies , Account information, etc. Note: This issue was previously titled 'OpenSSL CVE-2014-8730 Man In The Middle Information Disclosure Vulnerability'. The title and technical details have been changed to better reflect the underlying component affected. An attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. F5 BIG-IP LTM, etc. LTM is a local traffic manager; APM is a solution that provides secure unified access to business-critical applications and networks. The following products and versions are affected: F5 BIG-IP LTM, APM, ASM version 10.0.0 to 10.2.4 and 11.0.0 to 11.5.1, AAM version 11.4.0 to 11.5.1, AFM 11.3. 0 to 11.5.1, Analytics 11.0.0 to 11.5.1, Edge Gateway, WebAccelerator, WOM 10.1.0 to 10.2.4 and 11.0.0 to 11.3.0, PEM 11.3.0 to 11.6.0, PSM 10.0.0 to 10.2.4 and 11.0.0 to 11.4.1, BIG-IQ Cloud, Security 4.0.0 to 4.4.0, Device 4.2.0 to 4.4 .0 version. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04819635
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04819635 Version: 1
HPSBPV03516 rev.1 - HP VAN SDN Controller, Multiple Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-09-29 Last Updated: 2015-09-29
Potential Security Impact: Disclosure of Privileged Information, Remote Disclosure of Privileged Information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with the HP VAN SDN Controller running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely resulting in disclosure of privileged information.
References:
CVE-2014-8730 SSRT102263
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
VAN SDN Controller 2.5.21 VAN SDN Controller 2.5.15
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-8730 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP recommends disabling TLS v1.0 by deleting its entry in sslEnabledProtocols in the client Auth properties of the /opt/sdn/virgo/configuration/tomcat-server.xml file.
Open the /opt/sdn/virgo/configuration/tomcat-server.xml file for editing Change the following line from this: clientAuth="false" sslEnabledProtocols="TLSv1.0, TLSv1.1,TLSv1.2" to this: clientAuth="false" sslEnabledProtocols=" TLSv1.1,TLSv1.2" Restart the controller.
HISTORY Version:1 (rev.1) - 29 September 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlYKlgkACgkQ4B86/C0qfVmdggCg40wxxeG+Op+gBFzLBG9neKCo bW4AnjzTddq/rpaQfITkTvhg7DUpT9f5 =Px26 -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201412-0271", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.0.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.0.1" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.3" }, { "model": "big-iq cloud", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.3.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.6.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.4" }, { "model": "big-iq device", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.2.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-iq security", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.2.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.0.0" }, { "model": "big-iq device", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.4.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-iq security", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.1.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.0.0" }, { "model": "big-iq cloud", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.2.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.1" }, { "model": "big-iq security", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.4.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.6.0" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.1" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-iq cloud", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.1.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.1" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.1" }, { "model": "big-iq device", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.3.0" }, { "model": "big-iq cloud", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.4.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-iq security", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.0.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.1" }, { "model": "big-iq security", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.3.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-iq cloud", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.0.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.1.0 to 10.2.4" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.5.1" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.3.0 to 11.5.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.5.1" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.4.0 to 11.5.1" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.0.0 to 10.2.4" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.5.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.1.0 to 10.2.4" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.3.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.0.0 to 10.2.4" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.5.1" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.3.0 to 11.6.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.0.0 to 10.2.4" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.4.1" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.0.0 to 10.2.4" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.3.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.0.0 to 10.2.4" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.3.0" }, { "model": "big-iq cloud", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "4.0.0 to 4.4.0" }, { "model": "big-iq device", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "4.2.0 to 4.4.0" }, { "model": "big-iq security", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "4.0.0 to 4.4.0" }, { "model": "internet navigware e-learning pack", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "internet navigware enterprise lms server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage apworks", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage business application manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage studio", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage web server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage web server express", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "safeauthor", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "serverview", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "resource orchestrator cloud edition" }, { "model": "systemwalker centric manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker desktop inspection", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker desktop keeper", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker desktop patrol", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker it change manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker operation manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker runbook automation", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker security control", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker service catalog manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker software configuration manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "cloud infrastructure management software", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "tls", "scope": "eq", "trust": 0.6, "vendor": "f5", "version": "1.2" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "6.1.1" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "6.1" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "6.0.7" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "6.0.6" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.15" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.14" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.5" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.2" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.4" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.3" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.0" }, { "model": "sa700", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "sa6500", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "sa6000", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "sa4500", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "sa4000", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "sa2500", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "sa2000", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "mag6611", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "mag6610", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "mag4610", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "mag2600", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "txseries for multiplatforms", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.2" }, { "model": "txseries for multiplatforms", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.1" }, { "model": "txseries for multiplatforms", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.2" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0.3" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0.2" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0.1" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.6.5" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.6.4" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.6.3" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.6.2" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.6.1" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.6" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.2.1" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0.4" }, { "model": "tivoli system automation for multiplatforms", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.2.2.6" }, { "model": "tivoli service request manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "tivoli service request manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "tivoli monitoring for virtual environments", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "tivoli monitoring", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.31" }, { "model": "tivoli monitoring", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3.0" }, { "model": "tivoli endpoint manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "tivoli endpoint manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0.0" }, { "model": "tivoli directory server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3" }, { "model": "tivoli directory server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.2" }, { "model": "tivoli directory server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "tivoli directory server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0" }, { "model": "tivoli asset management for it", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "tivoli asset management for it", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "tivoli access manager for e-business", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.1" }, { "model": "tivoli access manager for e-business", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "tivoli access manager for e-business", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0" }, { "model": "spss modeler", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "16.0" }, { "model": "smartcloud provisioning for software virtual appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.13" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.12" }, { "model": "smartcloud provisioning ifix2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3.01" }, { "model": "smartcloud provisioning ifix6", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3.0.1" }, { "model": "smartcloud provisioning ifix1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3.0.1" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3.0.1" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1.0.5" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1.0.4" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1.0.1" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2" }, { "model": "smartcloud orchestrator fp1 ifix6", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "smartcloud orchestrator fp1 ifix5", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "smartcloud orchestrator fp1 ifix4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "smartcloud orchestrator fp1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "smartcloud orchestrator", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "smartcloud orchestrator fp1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2" }, { "model": "smartcloud orchestrator", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2" }, { "model": "smartcloud cost management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1.0.3" }, { "model": "smartcloud cost management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1.0.2" }, { "model": "smartcloud control desk", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "security directory server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3.1" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.02" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.5" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.4" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.2" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.1" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.0" }, { "model": "security access manager for mobile", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.5" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.41" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.4" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.38" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.37" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.35" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.34" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.33" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.32" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.31" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.3" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.211" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.210" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.18" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.17" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.16" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.4.6" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.4.3" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.3.6" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.3.10" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.9" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.8" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.7" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.6" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.5" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.4" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.3" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.2" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.13" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.12" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.1" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.9" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.5" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.4" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.3" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.2" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.1" }, { "model": "rational doors web access", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.61" }, { "model": "rational doors web access", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.21" }, { "model": "rational doors web access", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.2" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.2" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.12" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.11" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.1" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.51" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.41" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.37" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.36" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.35" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.34" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.33" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.32" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.31" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.6.1.0" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.6.0.1" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.6" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.2.2" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.2.1" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.1.3" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.0.2" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.4.0.2" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.4" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.3.0.8" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.13" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.010" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.213" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.211" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.18" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1.6" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1.5" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1.4" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1.2" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.9" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.8" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.7" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.5" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.4" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.3" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.2" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.13" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.12" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.11" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.06" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.9" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.8" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.7" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.6" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.5" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.4" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.3" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.2" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.16" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.15" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.14" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.12" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.10" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.9" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.7" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.6" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.5" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.4" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.3" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.2" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.0.2" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.0.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "pureapplication system", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1" }, { "model": "pureapplication system", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0" }, { "model": "pureapplication system", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1" }, { "model": "maximo for utilities", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo for utilities", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo for transportation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo for transportation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo for oil and gas", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo for oil and gas", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo for nuclear power", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo for nuclear power", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo for life sciences", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo for life sciences", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo for government", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo for government", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo asset management essentials", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo asset management essentials", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo asset management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.6" }, { "model": "maximo asset management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo asset management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0.2" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.5" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.0" }, { "model": "domino fp if", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0.122" }, { "model": "domino fp if", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0.121" }, { "model": "domino fp if4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.36" }, { "model": "domino fp if", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.365" }, { "model": "domino fp if", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.242" }, { "model": "domino fp if", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.152" }, { "model": "domino if", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.06" }, { "model": "db2 enterprise server edition", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "data server runtime client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.7" }, { "model": "data server runtime client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5" }, { "model": "data server runtime client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.5" }, { "model": "data server runtime client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "data server driver package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.7" }, { "model": "data server driver package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5" }, { "model": "data server driver package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.5" }, { "model": "data server driver package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "data server driver for odbc and cli", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.7" }, { "model": "data server driver for odbc and cli", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5" }, { "model": "data server driver for odbc and cli", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.5" }, { "model": "data server driver for odbc and cli", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "data server client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.7" }, { "model": "data server client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5" }, { "model": "data server client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.5" }, { "model": "data server client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "cloud manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.2" }, { "model": "cloud manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.2.0.1" }, { "model": "change and configuration management database", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "change and configuration management database", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "business process manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1" }, { "model": "business process manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "api management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0" }, { "model": "api management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.2.2" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.9" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.8" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.7" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.3" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.2" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.1" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.7.7" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.17" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.15" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.10" }, { "model": "fortios b0630", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.8" }, { "model": "fortios b0537", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.8" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.8" }, { "model": "fortios beta", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "3.0" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "3.0" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.80" }, { "model": "fortios mr5", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.50" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.50" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.36" }, { "model": "fortios mr10", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.8" }, { "model": "fortios 0mr4", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.5" }, { "model": "fortios build", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.2.0589" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.2.0" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.6" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.5" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.4" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.0" }, { "model": "fortios b064", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.18" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.16" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.14" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.13" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.12" }, { "model": "fortios mr2", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "3.0" }, { "model": "fortios mr1", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "3.0" }, { "model": "fortios mr12", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.80" }, { "model": "big-iq security", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.4" }, { "model": "big-iq security", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.3" }, { "model": "big-iq security", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.2" }, { "model": "big-iq security", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.1" }, { "model": "big-iq security", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.0" }, { "model": "big-iq device", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.4" }, { "model": "big-iq device", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.3" }, { "model": "big-iq device", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.2" }, { "model": "big-iq device", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5" }, { "model": "big-iq cloud", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.4" }, { "model": "big-iq cloud", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.3" }, { "model": "big-iq cloud", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.2" }, { "model": "big-iq cloud", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.1" }, { "model": "big-iq cloud", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.0" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.00" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "big-ip wan optimization module", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip wan optimization module", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip wan optimization module", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0.0" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.0" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip ltm hf4", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.1" }, { "model": "big-ip edge gateway hf4", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.00" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0.00" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.40" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0.00" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip aam", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip aam", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip aam", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3.0.39.0" }, { "model": "ace application control engine module", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "adaptive security appliance software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "point software secureplatform os r77.20", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r77.10", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r77", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r76", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.47", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.46", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.45", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.40vs", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.40", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.30", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.20", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.10", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r77.20", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r77.10", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r77", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r76", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.47", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.46", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.45", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.40vs", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.40", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.30", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.20", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.10", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software check point ipso", "scope": "eq", "trust": 0.3, "vendor": "check", "version": "6.2" }, { "model": "networks adc 2.7.2-p3", "scope": null, "trust": 0.3, "vendor": "a10", "version": null }, { "model": "networks adc 2.7.1-p5", "scope": null, "trust": 0.3, "vendor": "a10", "version": null }, { "model": "networks adc 2.7.0-p6", "scope": null, "trust": 0.3, "vendor": "a10", "version": null }, { "model": "networks adc 2.6.1-gr1", "scope": null, "trust": 0.3, "vendor": "a10", "version": null }, { "model": "smartcloud provisioning ifix", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "2.3.0.17" }, { "model": "smartcloud orchestrator fp1 ifix7", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.6.1.1" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.6.0.2" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.5.2.3" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.5.1.4" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.5.0.3" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.4.0.3" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.3.0.9" }, { "model": "fortios", "scope": "ne", "trust": 0.3, "vendor": "fortinet", "version": "5.2.3" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "BID", "id": "71549" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "CNNVD", "id": "CNNVD-201412-189" }, { "db": "NVD", "id": "CVE-2014-8730" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:f5:big-ip_access_policy_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-ip_advanced_firewall_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-ip_analytics", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-ip_application_acceleration_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-ip_application_security_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-ip_edge_gateway", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-ip_local_traffic_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-ip_policy_enforcement_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-ip_protocol_security_module", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-ip_wan_optimization_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-ip_webaccelerator", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-iq_cloud", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-iq_device", "vulnerable": true }, { "cpe22Uri": "cpe:/a:f5:big-iq_security", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:internet_navigware_e-Learning_Pack", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:internet_navigware_Enterprise_LMS_Server", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:interstage", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:interstage_application_server", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:interstage_apworks", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:interstage_business_application_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:interstage_studio", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:interstage_web_server", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:interstage_web_server_express", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:safeauthor", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:serverview", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:systemwalker_centric_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:systemwalker_desktop_inspection", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:systemwalker_desktop_keeper", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:systemwalker_desktop_patrol", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:systemwalker_it_change_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:systemwalker_operation_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:systemwalker_runbook_automation", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:systemwalker_security_control", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:systemwalker_service_catalog_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:systemwalker_software_configuration_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:cloud_infrastructure_management_software", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-005869" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adam Langley", "sources": [ { "db": "BID", "id": "71549" } ], "trust": 0.3 }, "cve": "CVE-2014-8730", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2014-8730", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CNVD-2014-08824", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-76675", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2014-8730", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2014-8730", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2014-08824", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201412-189", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-76675", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "VULHUB", "id": "VHN-76675" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "CNNVD", "id": "CNNVD-201412-189" }, { "db": "NVD", "id": "CVE-2014-8730" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself. The problem is CVE-2014-3566 ( alias POODLE) Similar problem. TLS is a new protocol developed by the IETF (Engineering Task Force). It is based on the SSL protocol specification and is the subsequent version of SSL. The Secure Transport Layer Protocol (TLS) is used to provide confidentiality and data integrity between two communication applications. \r\n\r\n\r\nTLS has security vulnerabilities that mainly affect browsers. Because TLS1.2 failed to correctly verify PADDING, even if the attacker did not first downgrade to SSL3.0, he could use TLS1.2 to bypass the transport layer encryption mechanism by using man-in-the-middle attack methods to steal the user\u0027s sensitive information, such as cookies , Account information, etc. \nNote: This issue was previously titled \u0027OpenSSL CVE-2014-8730 Man In The Middle Information Disclosure Vulnerability\u0027. The title and technical details have been changed to better reflect the underlying component affected. \nAn attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. F5 BIG-IP LTM, etc. LTM is a local traffic manager; APM is a solution that provides secure unified access to business-critical applications and networks. The following products and versions are affected: F5 BIG-IP LTM, APM, ASM version 10.0.0 to 10.2.4 and 11.0.0 to 11.5.1, AAM version 11.4.0 to 11.5.1, AFM 11.3. 0 to 11.5.1, Analytics 11.0.0 to 11.5.1, Edge Gateway, WebAccelerator, WOM 10.1.0 to 10.2.4 and 11.0.0 to 11.3.0, PEM 11.3.0 to 11.6.0, PSM 10.0.0 to 10.2.4 and 11.0.0 to 11.4.1, BIG-IQ Cloud, Security 4.0.0 to 4.4.0, Device 4.2.0 to 4.4 .0 version. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04819635\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04819635\nVersion: 1\n\nHPSBPV03516 rev.1 - HP VAN SDN Controller, Multiple Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-09-29\nLast Updated: 2015-09-29\n\nPotential Security Impact: Disclosure of Privileged Information, Remote\nDisclosure of Privileged Information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with the HP VAN SDN\nController running SSLv3. This is the SSLv3 vulnerability known as \"Padding\nOracle on Downgraded Legacy Encryption\" also known as \"Poodle\", which could\nbe exploited remotely resulting in disclosure of privileged information. \n\nReferences:\n\nCVE-2014-8730\nSSRT102263\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nVAN SDN Controller 2.5.21\nVAN SDN Controller 2.5.15\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-8730 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP recommends disabling TLS v1.0 by deleting its entry in sslEnabledProtocols\nin the client Auth properties of the\n/opt/sdn/virgo/configuration/tomcat-server.xml file. \n\nOpen the /opt/sdn/virgo/configuration/tomcat-server.xml file for editing\nChange the following line from this: clientAuth=\"false\"\nsslEnabledProtocols=\"TLSv1.0, TLSv1.1,TLSv1.2\" to this: clientAuth=\"false\"\nsslEnabledProtocols=\" TLSv1.1,TLSv1.2\"\nRestart the controller. \n\nHISTORY\nVersion:1 (rev.1) - 29 September 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.13 (GNU/Linux)\n\niEYEARECAAYFAlYKlgkACgkQ4B86/C0qfVmdggCg40wxxeG+Op+gBFzLBG9neKCo\nbW4AnjzTddq/rpaQfITkTvhg7DUpT9f5\n=Px26\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2014-8730" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "BID", "id": "71549" }, { "db": "VULHUB", "id": "VHN-76675" }, { "db": "PACKETSTORM", "id": "133815" }, { "db": "PACKETSTORM", "id": "139063" } ], "trust": 2.7 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-76675", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-76675" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-8730", "trust": 3.6 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2014/12/09/27", "trust": 1.7 }, { "db": "SECUNIA", "id": "62167", "trust": 1.1 }, { "db": "SECUNIA", "id": "62388", "trust": 1.1 }, { "db": "SECUNIA", "id": "62224", "trust": 1.1 }, { "db": "BID", "id": "71549", "trust": 1.0 }, { "db": "JVNDB", "id": "JVNDB-2014-005869", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201412-189", "trust": 0.7 }, { "db": "CNVD", "id": "CNVD-2014-08824", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "133815", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-76675", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "139063", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "VULHUB", "id": "VHN-76675" }, { "db": "BID", "id": "71549" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "PACKETSTORM", "id": "133815" }, { "db": "PACKETSTORM", "id": "139063" }, { "db": "CNNVD", "id": "CNNVD-201412-189" }, { "db": "NVD", "id": "CVE-2014-8730" } ] }, "id": "VAR-201412-0271", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-76675" } ], "trust": 0.52067421125 }, "last_update_date": "2024-11-23T20:59:47.506000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "CVE-2014-8730 Padding issue", "trust": 0.8, "url": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151" }, { "title": "sol15882: TLS1.x padding vulnerability CVE-2014-8730", "trust": 0.8, "url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html" }, { "title": "Interstage\u3084Systemwalker\u95a2\u9023\u88fd\u54c1\uff1aTLS1.0\u5b9f\u88c5\u306b\u304a\u3051\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8106\u5f31\u6027\u306e\u554f\u984c", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_systemwalker_tls_201501.html" }, { "title": "Patch for TLS fills man-in-the-middle attack vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/52704" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-310", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-76675" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "NVD", "id": "CVE-2014-8730" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html" }, { "trust": 2.6, "url": "https://www.imperialviolet.org/2014/12/08/poodleagain.html" }, { "trust": 2.0, "url": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2014/12/09/27" }, { "trust": 1.4, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8730" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693271" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693337" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693495" }, { "trust": 1.1, "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04819635" }, { "trust": 1.1, "url": "https://support.lenovo.com/product_security/poodle" }, { "trust": 1.1, "url": "https://support.lenovo.com/us/en/product_security/poodle" }, { "trust": 1.1, "url": "http://secunia.com/advisories/62167" }, { "trust": 1.1, "url": "http://secunia.com/advisories/62224" }, { "trust": 1.1, "url": "http://secunia.com/advisories/62388" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=144372772101168\u0026w=2" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8730" }, { "trust": 0.3, "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk103683" }, { "trust": 0.3, "url": "http://www.fortiguard.com/advisory/cve-2014-8730--poodle-for-tls--vulnerability/" }, { "trust": 0.3, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=36740" }, { "trust": 0.3, "url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-8730" }, { "trust": 0.3, "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=tsb16579" }, { "trust": 0.3, "url": "https://securityadvisories.paloaltonetworks.com/home/detail/28?aspxautodetectcookiesupport=1" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695127" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698837" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685985" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699160" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021903" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693877" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693142" }, { "trust": 0.3, "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21692502" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960375" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693290" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693623" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700209" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692934" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693285" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692618" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692802" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693330" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698986" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961009" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8730" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=144372772101168\u0026amp;w=2" }, { "trust": 0.1, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/" }, { "trust": 0.1, "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/" }, { "trust": 0.1, "url": "http://www.hpe.com/support/security_bulletin_archive" }, { "trust": 0.1, "url": "https://www.hpe.com/info/report-security-vulnerability" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04819635" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499" }, { "trust": 0.1, "url": "http://www.hpe.com/support/subscriber_choice" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "VULHUB", "id": "VHN-76675" }, { "db": "BID", "id": "71549" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "PACKETSTORM", "id": "133815" }, { "db": "PACKETSTORM", "id": "139063" }, { "db": "CNNVD", "id": "CNNVD-201412-189" }, { "db": "NVD", "id": "CVE-2014-8730" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "VULHUB", "id": "VHN-76675" }, { "db": "BID", "id": "71549" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "PACKETSTORM", "id": "133815" }, { "db": "PACKETSTORM", "id": "139063" }, { "db": "CNNVD", "id": "CNNVD-201412-189" }, { "db": "NVD", "id": "CVE-2014-8730" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-12-11T00:00:00", "db": "CNVD", "id": "CNVD-2014-08824" }, { "date": "2014-12-10T00:00:00", "db": "VULHUB", "id": "VHN-76675" }, { "date": "2014-12-08T00:00:00", "db": "BID", "id": "71549" }, { "date": "2014-12-11T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "date": "2015-10-02T23:43:22", "db": "PACKETSTORM", "id": "133815" }, { "date": "2016-10-12T04:50:49", "db": "PACKETSTORM", "id": "139063" }, { "date": "2014-12-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201412-189" }, { "date": "2014-12-10T00:59:01.293000", "db": "NVD", "id": "CVE-2014-8730" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-02-21T00:00:00", "db": "CNVD", "id": "CNVD-2014-08824" }, { "date": "2017-01-03T00:00:00", "db": "VULHUB", "id": "VHN-76675" }, { "date": "2016-10-26T11:05:00", "db": "BID", "id": "71549" }, { "date": "2015-03-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "date": "2014-12-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201412-189" }, { "date": "2024-11-21T02:19:39.347000", "db": "NVD", "id": "CVE-2014-8730" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201412-189" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural F5 Product SSL Vulnerability in obtaining clear text data in profile component", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-005869" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "encryption problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-201412-189" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.