var-201709-1104
Vulnerability from variot
In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensions (JMX) protocol used to communicate between components in the Alerting and/or Compliance components can be leveraged to create a denial of service (DoS) condition. Attackers with knowledge of JMX agent user credentials could potentially exploit this vulnerability to create arbitrary files on the affected system and create a DoS condition by leveraging inherent JMX protocol capabilities. This vulnerability allows remote attackers to create a denial of service on vulnerable installations of Dell EMC VNX Monitoring and Reporting. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within an exposed RMI registry, which listens on TCP port 52569 by default. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to create a denial-of-service condition to users of the system. Multiple EMC products are prone to a denial-of-service vulnerability. Remote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate users. The following EMC products are vulnerable: EMC ViPR SRM EMC Storage M&R EMC VNX M&R EMC M&R (Watch4Net) for SAS Solution Packs.
Details:
* Directory Traversal Vulnerability (CVE-2017-8007)
Webservice Gateway used in these products is affected by a directory traversal vulnerability. Please see ESA-2017-089 for more details on how to change the credentials.
* Customers are strongly advised to review product documentation and use firewall controls to limit access to WebService Gateway and all other internal ports only to those servers that require access to them.
o For vApp installations, please review Knowledge Base article 503844 (https://support.emc.com/kb/503844) for guidance on making firewall changes within the vApp.
Mitigation information for CVE-2017-8012 for all customers: * Change any default JMX agent credentials. Please see ESA-2017-089 for more details on how to change the credentials. * Review product documentation and use firewall controls to limit access to the JMX ports and all other internal ports only to those servers that require access to them. o For vApp installations, please review Knowledge Base article 503844 (https://support.emc.com/kb/503844) for guidance on making firewall changes within the vApp. * Future releases will contain further measures to remove or harden communication via the JMX protocol. EMC VNX M&R customers must migrate to EMC Storage M&R version 4.1 or later to receive future security fixes.
Link to remedies:
-
For EMC ViPR SRM and EMC Storage M&R, registered EMC Online Support customers can download patches and software from support.emc.com at: https://support.emc.com/downloads/34247_ViPR-SRM.
-
For EMC M&R (Watch4Net) for SAS Solution Packs, registered EMC Online Support customers can download patches and software from support.emc.com at: https://support.emc.com/downloads/6175_Smarts-Service-Assurance-Manager
-
For VNX M&R, registered EMC Online Support customers can follow the mitigation steps described above.
Credits: EMC would like to thank rgod working with Trend Micro's Zero Day Initiative for reporting these vulnerabilities.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQEcBAEBCAAGBQJZwl9WAAoJEHbcu+fsE81ZLegH+wU8RTmKZt33ThZsOJcGekEJ CuD+v/JawNGDxK6nheFPreMa/IQRTTskGeVmbqypcV6Gh5pfx711OYzMnXBsufqH LNNywQ6q1hsM5LPYkZ1hu9bHcotM5Uvd80Lpsld1xU3TGbU+ruULPK2WY1QHcIyL IvU43HW803SCTS5lNaL+OKX3Coa+UUW1t7psJ0mVdCC3U19Qh+RrZPSnyHBThe5Z Btho0WoKauY+jqO6RxML+BT8D02Dn/+kjnlWyaca0QTXu8k0oEBqLI+vnO+KJCKY HxkxI1uvWsWy+z7x3MdsatFCl9ksMpXsWBoPR4EgZGbebDX38R9+ww/ryWQDPQ8= =jk2j -----END PGP SIGNATURE-----
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "emc vnx monitoring and reporting",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": "*"
},
{
"_id": null,
"model": "emc vipr srm",
"scope": "lte",
"trust": 1.0,
"vendor": "dell",
"version": "4.0.2"
},
{
"_id": null,
"model": "emc m\\\u0026r",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": "*"
},
{
"_id": null,
"model": "emc storage monitoring and reporting",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": "*"
},
{
"_id": null,
"model": "m\u0026r",
"scope": "eq",
"trust": 0.8,
"vendor": "dell emc old emc",
"version": "(watch4net) for sas solution packs"
},
{
"_id": null,
"model": "storage m\u0026r",
"scope": null,
"trust": 0.8,
"vendor": "dell emc old emc",
"version": null
},
{
"_id": null,
"model": "vnx m\u0026r",
"scope": null,
"trust": 0.8,
"vendor": "dell emc old emc",
"version": null
},
{
"_id": null,
"model": "vipr srm",
"scope": null,
"trust": 0.8,
"vendor": "dell emc old emc",
"version": null
},
{
"_id": null,
"model": "vnx monitoring and reporting",
"scope": null,
"trust": 0.7,
"vendor": "dell emc",
"version": null
},
{
"_id": null,
"model": "storage m\\\u0026r",
"scope": null,
"trust": 0.6,
"vendor": "emc",
"version": null
},
{
"_id": null,
"model": "vnx m\\\u0026r",
"scope": null,
"trust": 0.6,
"vendor": "emc",
"version": null
},
{
"_id": null,
"model": "vipr srm",
"scope": "eq",
"trust": 0.6,
"vendor": "emc",
"version": "4.0.2"
},
{
"_id": null,
"model": "m\\\u0026r",
"scope": null,
"trust": 0.6,
"vendor": "emc",
"version": null
},
{
"_id": null,
"model": "vnx m\u0026r",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "0"
},
{
"_id": null,
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "0"
},
{
"_id": null,
"model": "storage m\u0026r",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "0"
},
{
"_id": null,
"model": "m\u0026r for sas solution packs",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-826"
},
{
"db": "BID",
"id": "100982"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008471"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1151"
},
{
"db": "NVD",
"id": "CVE-2017-8012"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:emc:m%26r",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:emc:storage_m%26r",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:emc:vnx_m%26r",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:emc:vipr_srm",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008471"
}
]
},
"credits": {
"_id": null,
"data": "rgod",
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-826"
},
{
"db": "BID",
"id": "100982"
},
{
"db": "PACKETSTORM",
"id": "144273"
}
],
"trust": 1.1
},
"cve": "CVE-2017-8012",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-8012",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2017-8012",
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2017-8012",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.4,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-8012",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-8012",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-8012",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2017-8012",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-1151",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-8012",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-826"
},
{
"db": "VULMON",
"id": "CVE-2017-8012"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008471"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1151"
},
{
"db": "NVD",
"id": "CVE-2017-8012"
}
]
},
"description": {
"_id": null,
"data": "In EMC ViPR SRM, Storage M\u0026R, VNX M\u0026R, and M\u0026R (Watch4Net) for SAS Solution Packs, the Java Management Extensions (JMX) protocol used to communicate between components in the Alerting and/or Compliance components can be leveraged to create a denial of service (DoS) condition. Attackers with knowledge of JMX agent user credentials could potentially exploit this vulnerability to create arbitrary files on the affected system and create a DoS condition by leveraging inherent JMX protocol capabilities. This vulnerability allows remote attackers to create a denial of service on vulnerable installations of Dell EMC VNX Monitoring and Reporting. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within an exposed RMI registry, which listens on TCP port 52569 by default. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to create a denial-of-service condition to users of the system. Multiple EMC products are prone to a denial-of-service vulnerability. \nRemote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate users. \nThe following EMC products are vulnerable:\nEMC ViPR SRM\nEMC Storage M\u0026amp;R\nEMC VNX M\u0026amp;R\nEMC M\u0026amp;R (Watch4Net) for SAS Solution Packs. \n\nDetails: \n*\tDirectory Traversal Vulnerability (CVE-2017-8007) \nWebservice Gateway used in these products is affected by a directory traversal vulnerability. Please see ESA-2017-089 for more details on how to change the credentials. \n*\tCustomers are strongly advised to review product documentation and use firewall controls to limit access to WebService Gateway and all other internal ports only to those servers that require access to them. \no\tFor vApp installations, please review Knowledge Base article 503844 (https://support.emc.com/kb/503844) for guidance on making firewall changes within the vApp. \n\nMitigation information for CVE-2017-8012 for all customers:\n*\tChange any default JMX agent credentials. Please see ESA-2017-089 for more details on how to change the credentials. \n*\tReview product documentation and use firewall controls to limit access to the JMX ports and all other internal ports only to those servers that require access to them. \no\tFor vApp installations, please review Knowledge Base article 503844 (https://support.emc.com/kb/503844) for guidance on making firewall changes within the vApp. \n*\tFuture releases will contain further measures to remove or harden communication via the JMX protocol. EMC VNX M\u0026R customers must migrate to EMC Storage M\u0026R version 4.1 or later to receive future security fixes. \n\nLink to remedies:\n\n*\tFor EMC ViPR SRM and EMC Storage M\u0026R, registered EMC Online Support customers can download patches and software from support.emc.com at: https://support.emc.com/downloads/34247_ViPR-SRM. \n\n*\tFor EMC M\u0026R (Watch4Net) for SAS Solution Packs, registered EMC Online Support customers can download patches and software from support.emc.com at:\nhttps://support.emc.com/downloads/6175_Smarts-Service-Assurance-Manager\n\n*\tFor VNX M\u0026R, registered EMC Online Support customers can follow the mitigation steps described above. \n\n\nCredits: \nEMC would like to thank rgod working with Trend Micro\u0027s Zero Day Initiative for reporting these vulnerabilities. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2\n\niQEcBAEBCAAGBQJZwl9WAAoJEHbcu+fsE81ZLegH+wU8RTmKZt33ThZsOJcGekEJ\nCuD+v/JawNGDxK6nheFPreMa/IQRTTskGeVmbqypcV6Gh5pfx711OYzMnXBsufqH\nLNNywQ6q1hsM5LPYkZ1hu9bHcotM5Uvd80Lpsld1xU3TGbU+ruULPK2WY1QHcIyL\nIvU43HW803SCTS5lNaL+OKX3Coa+UUW1t7psJ0mVdCC3U19Qh+RrZPSnyHBThe5Z\nBtho0WoKauY+jqO6RxML+BT8D02Dn/+kjnlWyaca0QTXu8k0oEBqLI+vnO+KJCKY\nHxkxI1uvWsWy+z7x3MdsatFCl9ksMpXsWBoPR4EgZGbebDX38R9+ww/ryWQDPQ8=\n=jk2j\n-----END PGP SIGNATURE-----\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8012"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008471"
},
{
"db": "ZDI",
"id": "ZDI-17-826"
},
{
"db": "BID",
"id": "100982"
},
{
"db": "VULMON",
"id": "CVE-2017-8012"
},
{
"db": "PACKETSTORM",
"id": "144273"
}
],
"trust": 2.7
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2017-8012",
"trust": 3.6
},
{
"db": "BID",
"id": "100982",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1039418",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039417",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008471",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-4807",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-17-826",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1151",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-8012",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144273",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-826"
},
{
"db": "VULMON",
"id": "CVE-2017-8012"
},
{
"db": "BID",
"id": "100982"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008471"
},
{
"db": "PACKETSTORM",
"id": "144273"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1151"
},
{
"db": "NVD",
"id": "CVE-2017-8012"
}
]
},
"id": "VAR-201709-1104",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3749999933333334
},
"last_update_date": "2024-11-23T22:12:50.742000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://japan.emc.com/about/index.htm"
},
{
"title": "Dell EMC has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "http://seclists.org/fulldisclosure/2017/Sep/51"
},
{
"title": "Multiple EMC Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75106"
},
{
"title": "Java-Deserialization-Cheat-Sheet",
"trust": 0.1,
"url": "https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet "
},
{
"title": "Java-Deserialization-CVEs",
"trust": 0.1,
"url": "https://github.com/PalindromeLabs/Java-Deserialization-CVEs "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-826"
},
{
"db": "VULMON",
"id": "CVE-2017-8012"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008471"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1151"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008471"
},
{
"db": "NVD",
"id": "CVE-2017-8012"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.5,
"url": "http://seclists.org/fulldisclosure/2017/sep/51"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/100982"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039418"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039417"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8012"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8012"
},
{
"trust": 0.3,
"url": "http://www.emc.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/grrrdog/java-deserialization-cheat-sheet"
},
{
"trust": 0.1,
"url": "https://support.emc.com/downloads/6175_smarts-service-assurance-manager"
},
{
"trust": 0.1,
"url": "https://support.emc.com/kb/503844)"
},
{
"trust": 0.1,
"url": "https://support.emc.com/downloads/34247_vipr-srm."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8007"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-826"
},
{
"db": "VULMON",
"id": "CVE-2017-8012"
},
{
"db": "BID",
"id": "100982"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008471"
},
{
"db": "PACKETSTORM",
"id": "144273"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1151"
},
{
"db": "NVD",
"id": "CVE-2017-8012"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-17-826",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2017-8012",
"ident": null
},
{
"db": "BID",
"id": "100982",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008471",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144273",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1151",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2017-8012",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2017-09-26T00:00:00",
"db": "ZDI",
"id": "ZDI-17-826",
"ident": null
},
{
"date": "2017-09-22T00:00:00",
"db": "VULMON",
"id": "CVE-2017-8012",
"ident": null
},
{
"date": "2017-09-21T00:00:00",
"db": "BID",
"id": "100982",
"ident": null
},
{
"date": "2017-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008471",
"ident": null
},
{
"date": "2017-09-20T22:33:33",
"db": "PACKETSTORM",
"id": "144273",
"ident": null
},
{
"date": "2017-09-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-1151",
"ident": null
},
{
"date": "2017-09-22T01:29:25.500000",
"db": "NVD",
"id": "CVE-2017-8012",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-09-26T00:00:00",
"db": "ZDI",
"id": "ZDI-17-826",
"ident": null
},
{
"date": "2021-09-13T00:00:00",
"db": "VULMON",
"id": "CVE-2017-8012",
"ident": null
},
{
"date": "2017-09-21T00:00:00",
"db": "BID",
"id": "100982",
"ident": null
},
{
"date": "2017-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008471",
"ident": null
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-1151",
"ident": null
},
{
"date": "2024-11-21T03:33:09.337000",
"db": "NVD",
"id": "CVE-2017-8012",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-1151"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "plural EMC Access control vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008471"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-1151"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…